# SSL certificate - how important



## Suz (Oct 15, 2006)

How important is it to have the SSL certificate on your page?

Do all of you have one?

I notice that Godaddy offers this for $19.99/year.

Hostgator offers to sell you a _*private*_ one for $75.

However, hostgator will include a *shared* SSL on selected plans.

I also understand if you offer Paypal as a route of payment, the SSL is already taken care of with them.

What are your thoughts on this SSL?

Thanks


----------



## Jasonda (Aug 16, 2006)

You can't offer a secure checkout without a SSL certificate. Basically, if you don't have a SSL, people will be able to steal your customer's credit card info very easily.


----------



## rook1200 (Jan 25, 2007)

Just use Paypal for simplicity sake. Once you've proven mass sales, then step it up with a custom cart and buy the godaddy SSL cert (it's definitely the cheapest!)

But Jasonda is right. You have to have it for your sake and your customer's sake.


----------



## gnizitigid (Jan 23, 2007)

If you are using third party payment gateways like Paypal, 2checkout.com, google checkout, you have no need to buy SSL because all the payments are processed on these third party payment gateway company websites.


----------



## Tshirtcrib (Jul 21, 2006)

If you don't want to go the paypal route, and do your very own Credit Card processing system then a SSL certificate is REQUIRED. Thawate is one of the larger companies who sell SSL certificates. The downside with Shared certificates is that the user will leave your website to check out, and that may cause some confusion, and in turn lead to loss of sales due to the fact that the individual does not understand why they are leaving your website.


----------



## Rodney (Nov 3, 2004)

> However, hostgator will include a shared SSL on selected plans.


If your shopping cart is fully branded to match your site's look and feel, many shoppers may never notice that they're on a "shared" SSL connection.

I used a shared connection for a while before I bought my SSL certificate.

Whenever I want to process credit card transactions on a site, I always buy an SSL cert. That makes sure you can have HTTPS:// and the secure lock when people are giving you their private info.

If you are just using PayPal, 2checkout, ccnow, etc, then you won't need an SSL cert.

I get my SSL certs from ev1servers.net


----------



## Headhoncho (Jan 17, 2007)

If you just want to protect your site against hackers messing with it, should an ssl be applied or is it the servers job to keep hackers from inside your site.

I'm asking because my roommate told me that her friend knew of 6 ways to attack my site. While, I don't except cc info, there is a quote asp form that does have minimal client info.

Any suggestions?

-thanks, jm


----------



## Rodney (Nov 3, 2004)

> If you just want to protect your site against hackers messing with it, should an ssl be applied or is it the servers job to keep hackers from inside your site.


If you are on a shared hosting server (you are paying a company to host your site), then they usually handle the server security. Having an SSL certificate won't stop your site from getting hacked into if it has a vulnerability.



> I'm asking because my roommate told me that her friend knew of 6 ways to attack my site. While, I don't except cc info, there is a quote asp form that does have minimal client info.


That sounds like some sketchy information from a removed source  It's possible, but attack is not the same thing as "hack" into.

Get specifics. It might help you make your site more secure (or figure out that your friend's friend might be pulling your chain)


----------



## EXTouch (Mar 22, 2007)

Kind of on the same topic...

I use cs-cart and PayPal Pro for my website. I know that when my customers check out, they are protected by PayPal's SSL. 

What I'm concerned about is on the admin side of my website. I was using the shared SSL provided by my webhost until they were bought out and were recently merged with the new company. 

How important is it to have the SSL for the admin part of my site?


----------



## abmcdan (Sep 14, 2007)

If in the admin part you are viewing any sensitive customer data then you will want a SSL. A SSL certificate encrypts the information being sent from the server to the end users (your) computer keeping anyone from tapping into the line inbetween the 2.

Andy


----------

