Jump to content
Sign in to follow this  
mdenham

Secure Server

Recommended Posts

I was wondering if we have access to a secure server via our CPanel account. We would like to post a form that asks for financial information on our site, but do not want to do this unless the data is encrypted. Can you point me to the place where I can find out more information about this?

 

Thanks,

Matt

Share this post


Link to post
Share on other sites

Matt, each server is supposed to have a shared SSL certificate which everyone can use. I believe alls you need to do is use https when calling your form and it will be encrypted.

Share this post


Link to post
Share on other sites

I see a couple potential issues with this, depending on the specific information you are requesting.

 

First, you must use SSL so that the form is encrypted. I would recommend getting your own SSL certificate as opposed to using a shared certificate.

 

Secondly, you'll want to select a secure method to submit the data. There are all kinds of form options out there(http, javascript, php, etc.), not all of them are secure.

 

You'll also want to address storage of the information. Are you storing it in a database or in flat files? How are you protecting it from unauthorized view.

 

Finally, depending on the information you are receiving you may have certain regulatory and compliance requirements. For example, if you're receiving credit cards, there is the Payment Card Industry compliance - https://www.pcisecuritystandards.org/

Share this post


Link to post
Share on other sites

Thank you to all who replied to my query.

 

We are in the initial research phase, so the information that you have given me is great.

 

Matt

Share this post


Link to post
Share on other sites
Matt, each server is supposed to have a shared SSL certificate which everyone can use. I believe alls you need to do is use https when calling your form and it will be encrypted.

 

Just as an aside. I just tried it. When prefixing with https: I get a 404 error, drop the s and my pages load fine. Doesn't matter what page I try to load. If I just try root, I get an apache welcome screen with a note to contact the system admin if I am seeing that screen instead of the website.

 

And of course, there is the security notice about the domain in the certificate being different than the domain I am accessing with it.

Share this post


Link to post
Share on other sites

You can't use your domain unless you have purchased your own certificate. Please visit the link Thomas provided for a full explanation and details.

 

 

On this page you will find info about SSL.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...