Ecommerce Development

Ecommerce Software Reviews And Assistance.

Useful cPanel Features to Know About….

Hosting a website used to be hard work, but the invention of application based control panels changed all that. Today the most popular website hosting control panel is cPanel and, looking at its attributes, it’s not hard to see why. cPanel is:

  • Easy to customise – cPanel has various themes that can be installed, or you can create your own themes and custom branding to give your cPanel a unique look.
  • Effective – anything you need to do can be done with cPanel.
  • Compatible – works with all web enabled GUI-based operating systems, and works on desktops, laptops, netbooks, tablets, and smartphones.
  • Feature-packed – cPanel comes with a rich variety of pre-configured extras that will make it easier than ever to create your dream website.

It is the last of these attributes that we’ll focus on in this article. So many of the features in cPanel are immediately useful whether you are a seasoned website host or a complete novice.

1. Set up and manage email accounts

Even if you haven’t got a website yet, you can start making the most of your domain name right away by ensuring all your staff have professional email addresses. That’s the most basic step and probably the first thing every new website owner will take care of first.

You have access to all the email functions through the email section on cPanel. You’ll find all the various features are grouped into these collapsible sections, which makes it easy to control what you see on the screen. Some cPanel themes even allow you to drag and drop the sections to the order you want them to appear in.

Obviously before you can do anything else, you’ll need at least one email account to work with. You access this through the Email Accounts link. The default option allows you to add a new email account, as shown below:

It’s all very self-explanatory. Once you have at least one email account on your domain, it’s then possible to use the other email functions. The primary things you can do with email include:

  • Routing – you’ll need this feature if you’re going with a non-standard configuration, such as if you are receiving or sending emails through a third party system.
  • Filtering – you can create rules for how the server should respond to incoming messages based on the sender, subject, or other criteria. Filtering at the server level can be preferable in most cases, because it prevents unwanted messages being downloaded to your devices, saving you bandwidth.
  • Authentication – DKIM is an authentication technology that attempts to automatically verify the sender of an incoming email message to help protect you from spam. SPF is used to authenticate your outgoing messages to help avoid spam messages being sent out through your domain. It’s recommended to leave these settings on, but they may block messages that don’t fit the rules.
  • Encryption – You can create and use PGP keys to use with your emails.
  • Forwarders – you can automatically forward incoming messages to another domain.
  • Autoresponders – these are used for automatically replying to an incoming email. These should be used with some caution because there are times when automated responses are appropriate and times when they are not.

2. File Management

Most of the time it’s more efficient to use FTP for managing files on your server, but when you just need to do a quick fix, the built in file manager of cPanel is there for you. You will find this in the Files section. Everything works very similarly to a desktop file manager like Windows Explorer, Thunar, etc. There is a very small learning curve, but once you understand how it all works, it will be an additional string to your server management bow.

3. Image Management

If you’ve uploaded a batch of image files to the server, you can save some time on common image processing tasks by allowing cPanel to automate those tasks. You’ll find the image managing tools in the Files section under Images.

The tools available include:

  • Thumbnailer – automatically generate thumbnail versions of all the images in a directory.
  • Scaler – if you forgot to scale your images to be server friendly before uploading, this tool will allow you to do that.
  • Converter – if you uploaded your images in the wrong format, use the converter to change them to the correct format.

There are other ways to perform these tasks, but being able to do it directly on the server can save you some time and effort.

4. Domain Management

This is one of the more advanced features, and you’re more likely to need to use it when you have multiple domains to manage through one account. As an example, you may have created a domain for your local business, widgets.co.ie for example, and another domain to cater for international audiences (this allows you to tailor your content specifically for Irish visitors on one domain, using local expressions that may not be well understood outside of Ireland).

You can make one of your domains a subdomain or add-on domain for the other. For example, widgets.co.ie might be an add-on domain of widgets.com, and while they each are independent, they can be managed from a single access point and can easily share resources.

It’s important to understand the difference between subdomains and add-on domains. A subdomain is really just a directory within a domain that can be used to help visitors go to the right location easily.

For example, mcdu.equicom.net is a subdomain of equicom.net, and can be accessed just as easily by typing equicom.net/mcdu – the important part is that it’s not a separate domain even though the content can be completely distinct from the main website content.

An add-on domain is very different. This does require purchasing an additional domain name, and allows you to host the content for more than one domain in the same server space.

Another type of domain hosting is a parked domain or alias, which is where you use more than one domain name to point to the same location. This also involves purchasing an additional domain, but unlike add-on domains and subdomains, you don’t create a separate directory for the content.

5. Database Management

Not every site needs a database, but if yours does you will find all the tools you need in cPanel. Creating a new database can be done with the MySQL Wizard, and then you can do all the database operations by accessing phpMyAdmin.

6. Security Management

Keeping your websites secure should always be a top priority, and cPanel certainly provides plenty of tools to help you do that. Using the cPanel security tools you can install an SSL certificate, block access from certain IP address ranges known to be malicious or undesirable, protect assets on your site from hotlinking and leeching, and set up SSH access.

7. Site Backup Management

In addition to the ordinary security procedures, which help keep your site safe from attack, it’s still the most sensible precaution to make regular backups just in case a problem does cause something on your site to break.

cPanel provides many tools to make it simple to back up and restore your site using either manual or automated processes. The learning curve here is a bit steeper than for most of the other tasks you might do in cPanel.

The first option is the simplest. From here you can download the most recent incremental backups made on your server, which is a simple archive file in tarball format (.tar.gz)which most modern archiving programs can unpack.

File Backups is away to restore individual files that have somehow changed in an undesired way. This saves some time because only the one file that needs restoring will be restored.

Using Cron Job Backups is not something most people will want to bother with. Cron is a Linux and Unix task scheduler.

DNS Zone Backups are just the same as Full Backups but on a multi-domain site you can specify that you only want one of your domains restored.

Using the Database Backups feature, you can backup and restore databases, but only if you have set your system to already backup databases separately to the rest of the site (which is not really necessary).

The effectiveness of Email Backups depends on how often you download your email messages and remove them from the server. Obviously messages that are not on the server when the backup occurs will not get backed up on the server.

SSL Certificate Backups are simply a backup of the SSL certificate for a domain, if one exists. This feature is a security tool to be used in case somebody gains access to your site and replaces the proper SSL certificate with a fake one.

8. Softaculous Software Installer

We saved the best for last. With Softaculous, you get access to many of the hottest titles in web application software. While it’s certainly possible to install each application individually without using Softaculous, you won’t normally want to do it that way because it would involve a lot of extra work and configuration.

When you use Softaculous, everything is configured automatically, tailored for your own website. Many site owners don’t realise it, but Softaculous contains such a wide range of software, there is pretty much everything you could ever need for any business purpose.

In fact, with Softaculous, you be able to eliminate a lot of your present software licensing costs, because you can replace the offline software you use in your office with online software you run from your web server.

Just to give you a small taste of what you can expect from Softaculous:

  • All the big name CMS packages are present, including WordPress, Joomla, Drupal and many more. Using a CMS is not strictly necessary, but if you do want to use one, it’s good to know that it is so easy to install directly onto your site this easily.
  • There are powerful mainstream e-Commerce packages too, including PrestaShop, Magento, Zen Cart, BoxBilling, and more.
  • You also have access to some less mainstream commerce packages that are perfect for specific niches. For example, boost a real estate website with the Open Real Estate package, keep track of hotel bookings with Booked, or run a tech support business with Vision Helpdes
  • For bigger businesses there are enterprise level tools including ERP and Project Management solutions. Many of these have a clear focus on IT businesses, while others are more general in nature. Feng Office is probably the most general of the available options in project management. There are ERP tools for CRM (YetiForce, SugarCRM, Vtiger, etc), accounting (FrontAccounting, Akaunting, WebERP), HRM (OrangeHRM, Jorani), and collaboration (EGroupware, GroupOffice, Tine, etc).
  • Educational organisations will also find software aimed mainly at their industry, including classics like Moodle, Chamilo, ATutor, TCExam, eLabFTW, and many others.
  • There are also tools for hosting video collections, music, social media platforms, multiplayer games, and even personal cloud storage solutions (eg. OwnCloud, NextCloud, etc).

In total there are 25 categories with over 400 individual applications to choose from, and also the SitePad website builder for those who don’t have a preference for developing sites in HTML.

Concluding remarks

With all these built in features, and quite a few additional ones that aren’t covered above, you may expect cPanel to be hard to use, but in truth it is exceptionally easy. It’s built more for functionality than beauty, but everything just works.

While using cPanel is very easy, there is plenty of documentation to help, and for those who want to truly master the technology there is even a cPanel University where you can learn every detail and get the credentials to prove it.

Because cPanel is the most popular web hosting control panel by a very large margin, learning to use it is one of those skills that will always be a genuine asset.

Most importantly, cPanel empowers anyone (regardless of technical ability) to effectively manage a website easily.

 

 

How to Choose a Hosting Package

If you’re making your first expedition into hosting your own website, you’ve come to the right article for advice. We’re not going to make any assumptions here about what you already know, so you’ll get all the information you need to help make getting started as smooth as possible.
Look at features first, then the cost
This is a really important point. Cost is not a good indicator of what you’re going to get for your money.

Even though the features-to-price equation is generally true in terms of getting value, do be careful not to pay extra for features you’ll never use.
The most important features are:
• Disk space – more is better. You need enough space for all the web pages (structure + program code + CSS + content (text, images and video)), plus space for extra things such as databases and email.
• Bandwidth – more is better. Most hosting plans will have more than enough bandwidth to get you started off, and how much you actually need depends on how popular your site is going to become and the type of content you’re hosting. Bandwidth is the total amount of data uploaded and downloaded from your site per month by all the visitors, including yourself.
• Support options – more is better. This is especially true when you’re just starting out, but it’s actually also true for every web hosting customer. Quality of the support is also a factor, and that’s something we’ll discuss in detail in just a moment.
• Payment options – more is better. Good web hosts make it easy to pay your hosting bill, offering you a choice in how, when, and how much you pay for your services.
Choose a good web hosting service
Many people misunderstand the importance of size when choosing a web host. The vital thing to know is that you don’t necessarily want to go with the biggest and most popular hosting service. That’s a strange thing to say, so let’s take a moment to explain what it means.
Normally, popularity is a good thing, but web-hosting services are a special case where this is not necessarily true.
This is because the resources available for hosted sites on any one provider are finite. Quality of service can be expected to decrease when the number of customers gets large enough to exceed the resources available to support that number.

In the chart above, you can see how the popularity of a host (and the popularity of the sites it hosts) impacts negatively on the quality and performance that can be provided by the available resources.
Here is why it happens:
• Competition for computing resources. Each server (or server cluster) has a limited amount of CPU, RAM and disk space available. Hosting companies always need to have purchase or lease more servers than they need in order to support the number of customers they have, and high quality servers are very expensive.
• Competition for bandwidth. Websites receive traffic from human visitors, web crawling “robots” that index pages in search engines, and from internal activities. Every email, picture, video, piece of text content, and line of program code connected to any one site is eating into the bandwidth limit.
• Competition for support resources. This may be the most crucial point of all. The quality and performance of site support must decrease if the hosting company is too popular.
In order to ensure you get adequate support, what you need to do is choose a hosting company that is large enough to provide the infrastructure you need, but still small enough to be able to dedicate personal attention to you and your needs.
A good example is Hosting Ireland, which is a very popular choice for business customers, but has not grown to the extent that it no longer provides personal support from its own staff. That means more personal support that is tailored to you, and gives your problems an appropriate amount of attention.
Many larger companies cut some of their support options, farm their support services out to third party services, and/or limit the amount of time any support worker can dedicate to resolving any one particular issue.
Choose the right hosting type
The lowest cost hosting option is shared hosting. This allocates the resources of a single server among many customers, keeping costs down and still providing adequate performance to meet the needs of smaller sites with lower bandwidth and performance needs.
The very best hosting option, which obviously also costs the most, is dedicated hosting, where the resources of a server are dedicated solely to one hosting customer.
In between these two extremes there is an option called a Virtual Private Server (VPS), which combines some of the cost savings of shared hosting with most of the advantages of dedicated hosting. There is still some competition for computing and bandwidth resources, but you are also more isolated from other customers on the same server and have full control and autonomy over the management of your server space.
Which one you should choose depends on the size of your business and the volume of traffic you expect to be handling. For most small to medium businesses, VPS or shared hosting should meet their needs comfortably, and a good web host should make it easy to upgrade if your needs expand to a higher level.
Linux or Windows?
Unless you need the features supported by a Windows server, most business and personal sites will be better off with a Linux server. This simplifies your hosting, costs less, and provides the most flexible range of options.
Regular hosting or WordPress hosting?
Some hosting customers decide they want to use a particular technology such as WordPress, and then buy a hosting package that limits their choice so that WordPress is the only thing they’re able to use. That can become a problem if you later find that you need to do other things with your site.
So while “WordPress hosting” may sound like something you might want, it really isn’t the best choice in the majority of cases.
Good hosting services make installing WordPress really easy, and you can always pay somebody to do that for you if you really need to.

Hosting Ireland provides web hosting with a website control panel called CPanel, and one of the many features of CPanel is an installer system called Softaculous.
Using this installer, you can install WordPress very easily, but you’ll still have full server control through your CPanel to do other things like administrate email, create your own custom MySQL databases, and manage other site features more easily.
Getting up and running just takes six simple steps, as shown below:
Hosting Ireland provides a website control panel called CPanel, and one of the many features of CPanel is an installer system called Softaculous.
Using this installer, you can install WordPress very easily, but you’ll still have full server control through your CPanel to do other things like administrate email, create your own custom MySQL databases, and manage other site features more easily.
Getting up and running just takes six simple steps, as shown below:

As wonderful as WordPress is, it does have some limits on what it can do. If you have an ordinary hosting account, you can mix non-WordPress pages into your WordPress site, which you can’t do easily if your site only supports WordPress and nothing else.
Choosing a local hosting provider can be a smart move
If your business is based in Ireland, it makes sense to choose an Irish hosting service. You should also have an Irish domain name, to help you get more local site traffic from users in Ireland.
By choosing an Irish web host, you’ll have better access to tech support and possibly even the opportunity for one-on-one consultation in person. It also makes sense when the regular office hours of your hosting provider are matched closely to your own. That means no more waiting until 2am to make that call to sort out a billing issue.
If you choose to host your site with Hosting Ireland, you can get a discount on your domain name from 25 percent all the way up to 100 percent of the cost, which makes getting your Irish domain for your Irish site even easier and even more advantageous.

Irish Domain Registration To Get Easier!

Comparison of Website Builders in Ireland…

When it comes to publishing a website, people generally have two options:

• Build the entire site themselves, or
• Pay a developer to build it for them

But sometimes it can be the case that you lack the required coding skills to develop an entire website all by yourself, and also lack the financial resources to pay a competent developer to build a site for you of a suitable quality.

Should you just give up? Heck no – because there’s a reasonable compromise available, and it’s one that might help you meet your publishing needs without a major investment of time and money.

This solution, as you can no doubt tell from the title of this article, is to use an automated website builder.

Now, it is important to understand that these systems aren’t for everyone. If your site needs to do something very advanced, this method may not be best for you. But if you just need a general business website that doesn’t need to be uniquely special, automated site builders can save you time and money.

In this article, we’ll review the most popular automated site builders in Ireland, so you can evaluate whether this is the right way for you to meet your publishing needs, and decide which company will be best for you to work with.

What we’re testing.
For each provider, we’ll examine the available pricing plans, quality and variety of templates offered, performance, and ease of use.
1. Wix
Wix is the most well-known of the automated site builder providers because it was one of the earliest ones and indulges very heavily in marketing, especially on social media.


• Pricing
Wix has the option to include a free, ad-supported, Wix branded website, with no obligation to upgrade to a premium service. For most businesses, this would not be desirable, because it makes your site look amateurish and cheap. Just because you didn’t pay to have your site professionally developed doesn’t mean you want everyone to know it!

• Template selection
Wix has more than 350 free templates to choose from, however as is usually the case, the popularity of this provider means that many businesses within the same nice may end up with very similar websites. You can avoid this problem by using one of their blank templates, however this also means you’ll need some design skills.

The selection of templates feels limited. If you were creating a website for a restaurant, for example, the choices are limited to: Burger Corner, Pizza Restaurant, Vegetarian Restaurant, Steakhouse, Mexican Taqueria, Asian Restaurant, Mexican Restaurant, Restaurant Site (haute cuisine / nouveau cuisine), Tapas Restaurant, Vietnamese Restaurant, French Cuisine, Sushi Restaurant, and Italian Restaurant.

So unless your restaurant fits into one of their neat little stereotypes, you’ll need to invest extra effort and time into modifying the template to work for your business.

• Performance
This may depend on what browser and operating system you use. On my Linux system running Firefox, Wix appeared to cause a gvsd metadata loop to start up on multiple occasions, which leads to excess hard drive access. It also increased the resources used by Firefox until the gvsd metadata loop was manually shut down, whereupon the system returned to normal. If this happened only once, it wouldn’t be worth mentioning. The fault may not be exclusively caused by Wix, but it was the only provider that triggered this issue on the test system.

Accessing a site already built with Wix was not impressive either. The page loading time was excessive, and I was also not impressed that Wix hides the page source in encrypted form.

• Ease of use
After signing up for a free Wix account, you are asked what kind of site you want to create. There is no delay waiting for your email address to be verified, etc. Select the category of your site, and then choose a template. A very lengthy delay then ensues, with a splash screen to show it is working, but no progress indicator, so the user will not be sure how long it is necessary to wait.

Waiting for this process to complete gave me plenty of time to notice this warning in the browser about their SSL certificate:


After 10 minutes, it still had not completed, so I restarted the process. After another 10 minutes, I abandoned their site on the basis that it clearly wasn’t working correctly. Reliability is important for any hosting service, and persistent errors are not acceptable.

Other reviews have described the editor as “easy to use” and I guess this can be accepted as true. I was disappointed not to have the chance to see for myself, however.

2. Register365
This provider gives the option of building the site yourself or having them do it for a fee. It’s worth taking into account that the fee is too low for them to be creating you a genuinely bespoke website, but if you’re comfortable with buying off the rack, it’s probably still better than going for a total DIY job. On the other hand, if you prefer to tackle the task yourself, it’s completely possible with their Website Builder tool.


• Pricing
Register365 is massively undercutting market leader Wix, and on the face of things the value offered is much better. There are just two pricing options, and they’re super-competitive:


• Register365 is also providing more value straight out of the box than Wix does, as many features of Wix that are optional add-ons are provided by default by Register365. However, we still can’t recommend them unless you’re never going to travel the world, and never going to work with any subcontractors located internationally.

Why? Because if you log in from a non-European IP, they will lock you out, and the only way to resolve this is by phoning them, because they only provide phone support (which is not good enough). They will do this even if you registered in the first place from that non-European IP. So for us, Register365 is a no-go, because you should be able to log in from where you want.

It is super-discriminatory to assume that you’re an intruder based on where you’re logging in from, and ought to be illegal.

• Template selection
Register365 only provides somewhere between 100 and 200 templates, which means you’re even less likely to find a suitable one for your business than you would have on Wix, and even more likely to end up being “twinned” to one of your competitors due to using the same template.

• Performance
Register365 did not trigger any of the performance issues encountered on Wix and was impressively quick to load. The only downside was the log in screen, which has quite an amateurish appearance, and not what we’d expect from a major service provider.

Their lack of support for globalised industry also has to count as a point against in terms of performance.

• Ease of use
The interface was a little more complicated than expected, but it’s still easy enough to get to grips with. You start by selecting a template for your site, and then clicking the “Edit” link. CloudSite templates are made up of components called widgets. You can edit each widget directly by clicking on it in the editing area, and you can drag-n-drop widgets from the left panel.

The knowledgebase for this system is scanty, and for this reason it’s not easy to recommend Register365 to anyone with no prior experience in designing and building websites. Considering that this would be the main market for this kind of service, the logical conclusion is that updating the knowledgebase to be more comprehensive should be their highest priority.

This service demonstrates the concept of “you get what you pay for”. It’s the cheapest option out there, but it’s lacking in too many areas to be an easy recommendation. This service could be of interest if you’re strictly a local business and you aren’t interested in a nomadic lifestyle or working with a widely dispersed global team.

3. Hosting Ireland
This service was the easiest to get up and running with quickly. Registering was a snap, and required only a name, email address, and password to be entered. Once registration is completed, the user is taken immediately to begin the process of building their site.


• Pricing
Hosting Ireland offers three different website builder packages that you can create a website with. At first the pricing may seem high, but when you take a look at the inclusions, you can see that these packages actually represent excellent value. The Premium package, in particular, comes under notice, offering a free IE domain and free SSL certificate included, at only €149 per year for an annual subscription.


What makes Hosting Ireland stand out is the added value from all the inclusions. While their regular hosting is even more affordable, and also excellent value, if you need the simplicity offered by a website builder application, these packages are an excellent choice.

• Template selection
The number of templates available was low in comparison to Wix, but then none of the website builders (including Wix) are offering anywhere near enough templates to meet the demand. The starter site had the lowest number of templates to choose from, while both of the higher priced options include more than 100 templates. It’s worth noting that these templates offer certain enhancements as standard inclusions that would be paid extras under most of the other services in this review.

• Performance
The performance was impressively fast during testing, and there was virtually no lag, even when tested using a Wi-Fi connection.

• Ease of use
There wasn’t a great deal of difference in ease of use compared with Register365’s CloudSite, with the only real difference being that the widgets are dragged down from the top of the screen instead of from the left. There are also more widgets to choose from.

4. LetsHost
At first glance, it looks like LetsHost is offering very similar deals to HostingIreland, but actually the differences are definitely there to be seen. LetsHost has a more solid focus on eCommerce, and offers it even on their lowest package deal, but they’re not including as many freebies and bonuses.

• Pricing
LetsHost has three packages to choose from:


In some ways this looks good because the basic price is not too high and includes eCommerce at every level, but then you start to notice a few things.

The first of these, which was really the standout compared with HostingIreland, is that there’s no SSL included, and no free domain included. This thing about “membership” was also confusing, since that should be something entirely under your control, not something your host should be involved in at all. And very alarmingly, they imply password protection is only available on the premium plans, but also it’s not clear what they mean by this.

The most concerning thing, however, is that this service stands alone in charging transaction fees, and it’s not clear whether this transaction fee is merely passing on from their payment services provider (Weebly), or is added on top of Weebly’s transaction fees (which would make it a total of 6%). We’re going to assume that it’s not added on top. Either way, for a host branding itself as a stand-alone host to be routing checkout through Weebly just feels slimy.

• Template selection
This service has more templates than most of the other services except Wix, but the wording on their site implies there are “thousands of variations”, which is kind of true, but you could say that about any site using templates. A variation just means using different fonts and colours to the default.

As an example of how meaningless this is, consider a site that offers 100 different templates, and for each template there are 10 foreground and background colour options. This means the number of variations is 104 (or 10x10x10x10 = 10,000).

If you then have 100 different fonts you could choose from, the number of possible variations becomes 106 (or 10x10x10x10x10x10 = 1,000,000).

So effectively, claiming there are thousands of variations possible is a meaningless statistic, and it’s not helpful to consumers in making a comparison. All the different providers have thousands of variations.

• Performance
The performance of LetsHost was impressive, with fast loading times even for large images and video backgrounds. Some of the links and scripts on their own website didn’t work when clicked, so that was a minor concern. Otherwise the platform itself seems quite sturdy.

• Ease of use
LetsHost uses a left column drag interface. The buttons are clearly marked and easy to understand. Navigating within the control panel was a little more complicated compared to HostingIreland but easier than Register365.

Overall verdict
If you like working from templates, don’t want to pay anyone to assist you, or you want a simple eShop where you don’t have to do any real work to configure it, an automated site builder is for you. Otherwise, regular hosting and a bespoke site built with HTML and CSS is better, because it’s going to give you a lot more control over the end result.

From the sites reviewed above, HostingIreland offered the best overall experience in terms of value for money, performance, and ease of use. If they added some more templates to their offering, it would be as close to perfect as an automated website builder can get.

Securing Your Site and User Trust With SSL

Secure Sockets Layer (SSL) has two important functions associated with site security and integrity:

• When your SSL certificate is digitally signed by a trusted third party certificate authority, it helps to verify that your site is identifying itself correctly

• SSL encrypts all communications between the user and your site, making it difficult for somebody to extract anything useful even if they are able to intercept the communication

Every site that is owned by a business, non-profit organization, or government agency should have an SSL certificate. The only exception is where your site does not collect or disseminate any sensitive information.

When you have an SSL certificate, users can connect to your site via the HTTPS protocol. The “S” in HTTPS stands for “secure”. Although we use the term “SSL”, which is the one most people are familiar with, the standard has actually been superseded by something called TLS (Transport Layer Security). But you don’t need to worry about this because TLS is going to be enabled by default on any modern web server.

Even though the technology is enabled by default, sites that have an SSL certificate still need to set the HTTPS version of their site as the default protocol for inbound connections. A 2014 survey by Moz showed that less than 18% of respondents were already using HTTPS, and as recently as 2015, it was found that less than 2% of the top 1,000,000 sites had HTTPS set as the default protocol.

As a user, you can ensure that HTTPS is used whenever possible regardless of a site’s default settings by installing the HTTPS Everywhere plug-in.

SEO advantages
Using SSL may give your site a boost in Google rankings. In August 2014, Google announced that it would take SSL into account as a ranking factor.

It also must be considered that HTTPS does slightly lower the speed of a site, so if your site is already slow (which it shouldn’t be – fix it!), you could see your rank actually slip as a result of adding HTTPS. It will really come down to the differential between the benefit from HTTPS and the benefit from having a fast site.

Google wants sites to use HTTPS because it makes it easier to verify the integrity of a site, but that doesn’t automatically mean you need to do it. Most sites will benefit from having HTTPS, but because SSL certificates aren’t free, you might choose not to have one if the cost can’t be justified.

Risk vs. reward: the privacy and security advantages of SSL
You have to think about the financial cost of purchasing and renewing your SSL certificate. If there’s nothing on your site that needs to be confidential, you may not need to go to the trouble.

But if your site collects personal information from the user, has password authenticated log-ins, or engages in any sort of e-Commerce, you absolutely must have SSL if you want to avoid problems and retain the full confidence and trust of your users.

How to get an SSL certificate
Buying an SSL certificate is not like a regular purchase, because there are a few tests and checks that have to be done before a certificate can be issued. This is for the protection of everyone, including you. Usually the easiest way is to get your Hosting company or SEO manager to obtain the certificate for you, because this will simplify the process greatly.

If you’d prefer to do it entirely on your own, your first step is to generate a Certificate Signing Request (CSR) on your server. This is a block of encrypted text that looks similar to a PGP signature. What you need to type to generate the request depends on what server software your web host is running.

Most websites are hosted on Apache servers, and Apache uses a service called OpenSSL to generate a CSR. Here’s an example of how to generate a CSR for a company called Widgets-R-Us Inc, with domain widgets.com, based in Los Angeles:

openssl req -new -newkey rsa:2048 -nodes -out widgets_com.csr -keyout widgets_com.key -subj “C/=US/ST=California/L=Los Angeles/O=Widgets R Us Inc./CN=widgets.com”

The section that’s relevant about the company is the -subj section. This contains a string value with specific values, as follows:

• C is a 2 digit country code, for example: US, UK, IE, FR, DE, BE, and so on.
• ST is the state or province
• L is the city
• O is the organization name
• CN is the “common name”, which is a fully qualified domain name (FQDN).

There’s an optional value called OU that can appear between O and CN, but it is rarely used, and can cause problems. Currently (at the time of writing) the SSL certificate of Australia’s Department of Foreign Affairs and Trade is affected, for example. OU stands for “organizational unit” and means a department within the organisation.

After generating the CSR, it would look something like:

—–BEGIN CERTIFICATE REQUEST—– MIIHVjCCBj6gAwIBAgIQVXENtd02KRwAAAAAUNuvdTANBgkqhkiG9w0BAQsFADCB ujELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVudHJ1c3QsIEluYy4xKDAmBgNVBAsT H1NlZSB3d3cuZW50cnVzdC5uZXQvbGVnYWwtdGVybXMxOTA3BgNVBAsTMChjKSAy MDEyIEVudHJ1c3QsIEluYy4gLSBmb3IgYXV0aG9yaXplZCB1c2Ugb25seTEuMCwG A1UEAxMlRW50cnVzdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eSAtIEwxSzAeFw0x NzAzMDIyMjA5MzNaFw0xODAzMDIyMjM5MzFaMIGNMQswCQYDVQQGEwJBVTElMCMG
—–END CERTIFICATE REQUEST—–

In this case it is contained in the generated file “widgets_com.csr”. You need to open that file in a text editor, then cut and paste all the text (including the begin and end instructions) into the online form of the SSL certificate authority you are ordering from. Do not confuse the csr file with the key file.

Once the certificate authority has validated your domain and company, it will email you a copy of your SSL certificate, which you then need to install on your server.

Due to the complexity involved, most people prefer to have professional assistance rather than opting to do it themselves.