 I am thrilled with the new page speed tests and I just added a EV SSL certificate to my site. I want the ENTIRE site to be HTTPS for this site. My site has great needs for this. Can someone tell me the easiest way to accomplish this for again the ENTIRE site. Htaccess? header.inc.php can you please supply the code for each or single one? Thanks in advance... Csampson |
Am looking at the same thing myself and finding its a minefield... You can get single domain SSL which are the 'affordable ones' - these will only cover 1 version of your domain though. You then get 'wildcard' SSL which will cover your domain, and any subdomains on that URL. Or you can get SSL for your servers webmail which will then cover any webamil that any URL uses on your server if you have multiple sites.
So far, Ive not found a single SSL that will certify the whole server and everything on it. Anything above single domain SSL gets expensive very quickly... Browsers seem to be hyper sensitive to self certified sites and make it as good as not having SSL at all... bit of a con really, forcing you into buying from a big company...
As for applying it, if you have WHM you can do it there. |
Yes I have purchased and had installed http://en.wikipedia.org/wiki/Extended_Validation_Certificate or "Extended Validation Certificate" I went through the circle of self signed as I bought the best price I could find for this verification from Go Daddy but I am hosted with Host Gator. Once I got what I needed from host gator it no longer was self signed so to speak. The very notion is misleading but I see why they do it. It was a learning process to understand why and had I not asked Host Gator a series of what went wrong the first time I still would be at the certificate. IOW there is a part of getting this that comes from the server itself and not able to be done by just Go Daddy. Again this is my interpretation and I could be wrong but once I got the code from Host Gator in the certificate sold from Go Daddy it then was installed and was no longer self signed. If you wake up with snow on the ground it snowed last night! So anyway I still need the settings for Dolphin 7.1 to be https:// the entire site. I did see a post by Nathan saying change the header.inc.php is that correct as the post was dismissed by the poster as being to much of a resource hog on the older version. It is quite clear the page speed is quite near 95 - 100 with 7.1 so taking a hit for speed the site can take and be fine. So please I have the correct certificate to encompass the entire site I THINK but I need to know how to set it up through Dolphin again maybe a 301 redirect in htacess or header.inc.php the file please if anyone can enlighten me and I am sure I am not the only one it would be greatly appreciated... Also please provide the way to do it if you can please... Csampson |
OK, I changed the htacess to a 301 redirect and I got this but there are issues that have come to light because of it who do I see about this? The join page does not work or will not open now and some other big issues with chrome and IE the icons are at real issues... This is site wide so that is a setting I am sure somewhere or a path that needs to be updated... Please advise... header.inc.php? It appears something needs to be changed in the Csampson |
Geez OK I changed the header.inc.php? to https and all is good now thanks for the help... Csampson |
can you pm me how much you paid for your SSL? also, does it cover everything on your server or just every variation of a single domain?
Im still working out which SSL I need and where to buy...! |
I just did and it covers the domain but I didn't ask for the entire server... Csampson |
You guys are thinking too much about SSL, it's really fairly simple.
Where you will run into issues is if your on a shared hosting plan, but if that's the case you've got problems running dolphin at any medium+ scale and I wouldn't even think about SSL at that point.
Watch this SSL primer: http://www.youtube.com/watch?v=SJJmoDZ3il8
Now understand the only important factor about choosing a CA is if they are widely known, trusted, reliable, and offer the type of protection/insurance you are looking for (if relevant). If you don't choose a widely know CA, you risk your clients not being able to trust your identity because the CA is not common to them.
Do you really need a wildcard? The only thing it gains you is covering any amount of subdomains, IE sub1.mywebsite.com, sub2.mywebsite.com. It does not cover multiple Top Level Domains (TLD), IE mywebsite.com, yourwebsite.com. Also, a wildcard cert is only good for one physical server. If you have multiple subdomains under the same TLD but they are hosted on different servers, you'll need a cert for each one. In most cases, especially non corporate, wildcard SSL is not worth what you pay for it.
daihlo - your best bet is to buy in bulk if you are looking to cover multiple domains on a single server. There are reseller programs out there that might benefit you. The only catch is that most require you place a deposit (usually in the neighborhood of $1,000 USD) that you draw from when you request a new SSL.
Should you buy an EV? Only if the little green title in the address bar is worth it to you. Standard SSL should be fine for a dolphin site. I would only buy an enhanced SSL if your clients expected it & you were doing financial transactions - it'll give them that warm fuzzy feeling inside.
Who should you go with? Symantec is probably the most sought after, but you'll pay a pretty hefty fee for even a standard SSL. RapidSSL & GeoTrust are excellent alternatives, widely trusted and come at a great price. Avoid GoDaddy & Hostgator, their marketing is nothing but a headache.
With that said, glad to see you got it working sampson. Did you notice a performance impact once it was fully redirected to HTTPS? Skype: shawn.nelson |
LOL it's like climbing a mountain via stairs arriving at the summit to only see people getting off the escalator! As soon as you get there everyone says why didn't you take the escalator! To the question absolutely not even a breath of difference in speed. The green warm fuzzy thing today for this site will be worth twice the price... Thks for the thoughts and glad to be walking in the secure air... :-) Csampson |
Problem I have is a new site thats being used in another country. Works fine here, but over there browsers are throwing up warning screens, saying SSL cannot be verified... Been told I need to get an SSL cert to avoid this as its turning people away form the site! |
Problem I have is a new site thats being used in another country. Works fine here, but over there browsers are throwing up warning screens, saying SSL cannot be verified... Been told I need to get an SSL cert to avoid this as its turning people away form the site! Interesting and I wonder if I will run into the same situation the question is how did you know? Did clients tell you? Csampson |
yep. Was notified by people trying to use the site. Chrome and IE in particular seem to have nice warning screens... even saying the site is probably not the real site and should be avoided! |
Try the following site; www.9XDomains.com |
Are you saying that the domains are not registered in some countries? I have no idea just asking? Csampson |
