When users connect to your website are you sure that the data they send you is properly secured?
Ask yourself the following questions:
- Do users (i.e. my customers, my staff, or myself) log into my website?
- Do users buy anything on my website?
- Do users share information with my business via forms hosted on my website?
Continue reading if the answer to any of these questions was, “yes”.
Would you be concerned if?:
- The contents of the forms submitted on your site were shared with others
- The credit card information of your customers was visible to others
- The username and passwords of your users were vulnerable to interception
If you’re concerned, and you should be, take a minute to test your site’s SSL configuration. Qualys (@qualys) has been providing an excellent tool for years available at https://www.ssllabs.com. When you arrive click on “Test your server”, and enter your site’s hostname (i.e. www.yourdomainname.com) in the form. If you receive less than an, “A” letter grade, contact us. If your site is running on the Apache or NGINX we servers, we have a configuration that will improve your score and protect the communication between your website and users.
If you get an “A” or an “A+”
Congratulations, you’re better off than the majority of websites on the Internet. However, just because you have a proper SSL installation doesn’t mean that it’s being used properly. We still see plenty of websites that have good SSL configurations that fail to enforce the use of HTTPS when logging in, submitting forms, and completing purchases.