Jump to content

Recommended Posts

Posted

I was wondering if we have access to a secure server via our CPanel account. We would like to post a form that asks for financial information on our site, but do not want to do this unless the data is encrypted. Can you point me to the place where I can find out more information about this?

 

Thanks,

Matt

Posted

I see a couple potential issues with this, depending on the specific information you are requesting.

 

First, you must use SSL so that the form is encrypted. I would recommend getting your own SSL certificate as opposed to using a shared certificate.

 

Secondly, you'll want to select a secure method to submit the data. There are all kinds of form options out there(http, javascript, php, etc.), not all of them are secure.

 

You'll also want to address storage of the information. Are you storing it in a database or in flat files? How are you protecting it from unauthorized view.

 

Finally, depending on the information you are receiving you may have certain regulatory and compliance requirements. For example, if you're receiving credit cards, there is the Payment Card Industry compliance - https://www.pcisecuritystandards.org/

Posted
Matt, each server is supposed to have a shared SSL certificate which everyone can use. I believe alls you need to do is use https when calling your form and it will be encrypted.

 

Just as an aside. I just tried it. When prefixing with https: I get a 404 error, drop the s and my pages load fine. Doesn't matter what page I try to load. If I just try root, I get an apache welcome screen with a note to contact the system admin if I am seeing that screen instead of the website.

 

And of course, there is the security notice about the domain in the certificate being different than the domain I am accessing with it.

Posted

You can't use your domain unless you have purchased your own certificate. Please visit the link Thomas provided for a full explanation and details.

 

 

On this page you will find info about SSL.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...