Tuesday, November 24, 2009

Encryption and Security with SSL

When it comes to accepting payments online and other sensitive information via the Web, normal HTTP just does not cut it. It is an insecure method of communication in which everything goes over the wire in clear text: it is easy for any network administrator at a business or an Internet service provider to read the traffic, and most networks are also vulnerable to "sniffing" by non-privileged users on the network. Things are bad enough that you should not send any passwords over it without additional safety measures, unless the things the password gives access to are trivial. Simply put, as a webmaster, you have to worry about encryption and security. But how can you do that on your website? Well, it is not as difficult as people think, because there is a standardized way: SSL.

What is SSL?

SSL stands for Secure Sockets Layer. It is an encryption method that ensures communications between a server and a client are secure: in other words, the data sent cannot be intercepted or tampered with in any way. SSL works with a variety of encryption methods, but the main thing is SSL certificates, which confirm that a party really is who it claims to be, which helps prevent spoofing. SSL combined with HTTP is HTTPS (Secure HTTP), a powerful tool that lets Web browsers and Web servers exchange sensitive data safely.

If all of the above goes over your head, perhaps you should look at it the way your customers do. SSL is what makes their web browser come up with the little lock icon that indicates that the site is safe for them to give sensitive information to. If there is no lock, they will not want to deal with you.

However, you should also know what SSL is not: it is not a complete security package. If you transfer data via HTTPS and then store it in a database in the clear on your server, someone with access to the database is still able to read the data easily. SSL is not the answer to everything; it is only a means of preventing something from happening to the data while it is "out there", travelling over the Internet. Of course, your customers are unlikely to realize that (they think the lock works like magic), but you at least should.

The level of encryption

There are three levels of SSL encryption: 40-bit, 128-bit and 256-bit. It is very important to emphasize at this point that 40-bit SSL is outdated and obsolete: you would be a fool to use it. The only reason 40-bit encryption exists at all is that the U.S. government was initially afraid to export cryptographic algorithms strong enough that it could not break them itself: 40-bit was strong enough for most Web applications, but still weak enough that the government could break it by brute force with its powerful computers. The United States eased the restrictions once the government realized that they did nothing but push development to other countries, but by then the use of 40-bit encryption had spread. Now, years later, there is really no reason to use it. You should use 128-bit at the least, and preferably 256-bit; what you can afford will probably depend on the value of the goods you sell. If you believe that someone is trying to break your encryption, you must do better.

How do I use SSL?

If your web host supports SSL, then it should have everything set up for you (if you host the site yourself, you are welcome to follow the tutorial at modssl.org to install it). However, before you can use SSL, you need a certificate, which means purchasing an SSL certificate from a trusted certification authority. The big three are VeriSign, GeoTrust and Thawte, but their prices are relatively high. It works more or less the same way as buying a domain name and, indeed, many domain registrars resell certificates; you can often get a better deal from them than from one of the big companies. You can often get perfectly good products for only $30 a year if you shop around.
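The key-length levels described under "The level of encryption" can be checked against the cipher configuration a server would actually offer. The following is an added example, not code from the original post: it uses Python's standard `ssl` module, and the function names and the `SAMPLE` cipher entries are constructed for illustration.

```python
import ssl

MIN_BITS = 128  # the post's stated minimum; 40-bit is obsolete

# Constructed sample in the shape returned by SSLContext.get_ciphers().
SAMPLE = [
    {"name": "EXP-RC4-MD5", "strength_bits": 40},
    {"name": "DES-CBC3-SHA", "strength_bits": 112},
    {"name": "AES128-GCM-SHA256", "strength_bits": 128},
    {"name": "ECDHE-RSA-AES256-GCM-SHA384", "strength_bits": 256},
]


def bucket_by_strength(ciphers, min_bits=MIN_BITS):
    """Split cipher descriptions into (acceptable, weak) lists.

    Each entry must carry 'name' and 'strength_bits'; the result lists
    hold (name, bits) tuples in the original order.
    """
    acceptable, weak = [], []
    for c in ciphers:
        target = acceptable if c["strength_bits"] >= min_bits else weak
        target.append((c["name"], c["strength_bits"]))
    return acceptable, weak


def audit_cipher_string(cipher_string, min_bits=MIN_BITS):
    """Expand an OpenSSL cipher string locally and return its weak suites.

    Raises ssl.SSLError if the string selects nothing the local OpenSSL
    build supports (modern builds no longer ship 40-bit export suites).
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)
    _, weak = bucket_by_strength(ctx.get_ciphers(), min_bits)
    return weak


if __name__ == "__main__":
    ok, weak = bucket_by_strength(SAMPLE)
    print("acceptable:", ok)
    print("weak:", weak)
    # Audit what this machine's OpenSSL enables for a given cipher string.
    print("weak in ECDHE+AESGCM:", audit_cipher_string("ECDHE+AESGCM"))
```

Pass the cipher string from your own server configuration to `audit_cipher_string` to see whether it would enable anything below the 128-bit floor.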
