Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
SSL Security Guide
SSL Security Guide
Topic Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report to Moderator
- Plusnet Community
- :
- Library
- :
- SSL Security Guide
SSL Security Guide
16-09-2014
4:38 PM
1. What is SSL?
SSL (Secure Socket Layer) is a technology which helps keep web activity private. Regular web traffic can be intercepted and read by other people. What the SSL system does is encode your traffic, so anyone who is 'listening in' won't be able read it without cracking the code. SSL offers very good security, and is widely used as part of the security for online credit card purchases.2. How do I use SSL?
Most browsers have built-in support for this. All you need to do is add the letter "s" to your web address, so that http becomes https.If the website that you are looking at supports Secure Socket Layer connections, your browser will check the site's certificate. This confirms that you are connecting to the real site and not a fake one.
This is why Secure Socket Layer doesn't work with hosted or virtual domain (www.username.plus.com), because the certificate is registered to our domain (plus.net) and will will appear not to match.
You may be shown the following message, which warns you that the domain and certificate don't appear to match. If the domain and certificate do match, then both the browser and server send each other unique codes which are used to scramble all the information sent between them.
Then, so long as your browser is pointing to the 'https' address, your web session will be secure. You can double-check how secure this is by looking for the padlock icon on the bottom right-hand bar of your browser.
3. SSL and your Plusnet service
As a Plusnet customer, your webspace is held on a server (ftp.plus.net) which supports Secure Socket Layer and has the appropriate certificate for this. This means you can specify that visitors to a particular webpage address the server using Secure Socket Layer, getting an encrypted connection.If you want to set up an encrypted link to your own homepages, you will need to specify your address as https://homepages.plus.net/username/ (replacing username with your own obviously).
Important: it won't work with the following:
- Hosted domains.
- https://www.username.plus.com/
- CGI webspace
- Frontpage webspace
Also, please note that you if you specify the full-path of the URL the the slash - ('/') is important. If you want to identify specific pages as being secure, then the links to these should be referenced the same E.g. https://homepages.plus.net/username/secure/socket.html
Note: If your page has images or other objects referenced from remote servers (other than homepages.plus.net), you won't be able to get a Secure Socket Layer connection. All images and code which are part of the secure page must be located on the FTP server (as specified in the digital certificate). For this reason you'd be unlikely to use Secure Socket Layer on all the pages of your website. Instead you'd use it only on those pages requiring full data encryption.
Once the link from the browser is made you'll see a small padlock icon appear in the Status bar (the bottom right-hand part of your screen). Double-clicking on this will show you the actual certificate information and encryption details (right).
Important: Any CGI script that you use to collate or transfer data collected by this method doesn't compromise the security of the transaction. By using our preloaded CGI script (Form Email) you can transfer details collected by the secure connection to your own POP3 mailbox. This mailbox is safe from prying eyes as long as you keep your password as secure as possible (i.e. don't tell your password to anyone else and choose a password that won't be easily guessed or broken). We recommend that you choose a password using both numbers and letters.
E.g. ru55i4ndoLL
For more helpful tips read our Username and Password Security Guide
Although this does offer a relatively safe means of encrypted data transfer, Plusnet cannot be held responsible for data taken by this means; we offer this facility as an added service benefit.