Nowadays, most SSL certificates support both www and non-www domains, you don’t need to obtain separate certificate for http://www.domain.com and domain.com
Wildcard SSL certificate can secure a single root domain and it’s all subdomains. You just need to add asterisk just before a common name.
For example –
Request certificate for *.domain.com, it will secure all subdomains as below.
- mail.domain.com
- shop.domain.com
- anything.domain.com
As per your requirements, you should choose multi domain wildcard SSL certificate. It can secure your multiple websites as well its unlimited subdomains.
For example –
- *.domain1.com
- anything.domain1.com
- *.domain2.co.uk
- anything.domain2.co.uk
- *.domain3.com
- anything.domain3.com
-
This reply was modified 8 years, 10 months ago by JasonParms.
-
This reply was modified 8 years, 10 months ago by JasonParms.
-
This reply was modified 8 years, 10 months ago by JasonParms.
You can choose any type of SSL certificate as well it provides the same level 256-bit encryption security for your WooCommerce site. There are differences between verification processes, brand reorganization of certificate provider, an amount of warranty that will help you to build trust among of end-users.
Basically, domain validation certificates are available at free or lowest priced due to automated domain only verification. In other hands, organization or extended validation follows manual verification processes where actual human resources verify your business credibility. It means the certificate provides security for your website as well authenticates your business by confirming your business reliability.
If your WooCommerce website collects users’ information like username, password, credit card details or any other personal data through login credentials and commercial transactions where gain users trust is an important factor for a merchant, then I would like to recommend EV SSL certificate. It will protect your website with strong encryption and enhance customer confidence by triggering company name in the browser address bar.
Read this article to get more information about EV SSL certificates – https://www.ssl2buy.com/wiki/ev-ssl-certificate-display-green-bar-to-build-trust
To solve the mixed content issue, you can use a relative path instead of absolute path. This article may help you to fix mixed content warning – https://www.ssl2buy.com/wiki/fix-mixed-content-nonsecure-items-error-on-ssl-secure-site
Actually, there is a problem with mixed content errors. Please ensure that all images, frames, iframes, flash and JavaScripts are load over the HTTPS. If browser found nonsecure elements over the SSL secure website, then it exceeds warning message.
To fix mixed content warning, you can refer this article https://www.ssl2buy.com/wiki/fix-mixed-content-nonsecure-items-error-on-ssl-secure-site/
Definitely! You should enable SSL on your site to increase the trust of your site visitors by providing maximum security and business authentication.
Without SSL protection, when users will send any information through the login, register, lead generation or order process pages. It will travel into plain text format, so attackers can easily gain access to your personal data.
Behind this, SSL will encrypt all information which transmitted between the web browser and the web server, so it hard to break encryption mechanism for hackers. SSL will give you full protection against man-in-the-middle and eavesdropping attacks.
If you want to set up secure environment over the web by enabling additional layer security, you can follow below recommendations.
- Enable HTTPS on your entire website instead of login, register or checkout pages.
- Use 301-redirection to move non-secure HTTP traffic to secure HTTPS site.
- Enable HSTS and choose 2048 bit key encryption.
- Buy an EV SSL certificate to your website which will enable company name into the green address bar. It will give direct assurance to your customers about web security and business reliability.
It isn’t enforced tasks, but these are some most worthwhile options to set up robust protection against common cyber attacks.
You can refer this article to learn the benefits of SSL secure site: https://www.ssl2buy.com/wiki/benefits-of-securing-website-with-ssl-certificate/
It is more advisable that force HTTPS (SSL) on the entire website instead of login or dashboard pages. Using .htaccess file you can redirect all traffic to HTTPS secure protocol.
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
There is an issue with closing tag </a>, it is available two times in your code. You should remove it from the front line like below.
HTTP is a default protocol, which is used by most websites to handle the information over the web. Your website is running on HTTPS without any error message, it means your certificate has been installed correctly. You should migrate your entire website from HTTP to HTTPS. Learn how to move HTTP to HTTPS for WordPress
