In 2017, PRO ISP started a collaboration with computer studies at Haugaland high school. The collaboration means lower prices for hosting used for education.
The students can quickly start learning
Rune Karlsen, lecturer at Haugaland tells us: “Using the services PRO ISP provide ensure that our students can quickly start learning how to manage websites. It is important for us that the data is stored securely, services provided locally and that the server host complies to Norwegian laws and regulations. We train our students to run both local and external server. They should have knowledge of options available and what is more cost efficient, outsourcing or running the services in-house.
Relevant services for the students
PRO ISP focuses on automation of our services wherever we can. We also focus on standardization and quality control. It is important for the students that the services they are using is relevant and prepares them for the IT-community they will later be a part of.
“We have an ongoing dialog with the companies who provides apprenticeships for our students. They provide guidelines for what the students should learn before becoming apprentices. It is our responsibility as lecturers to interpret the benchmarks in order to create learning objectives” Karlsen tells us.
PRO ISP was recommended
“We were recommended PRO ISP by Hatteland Solutions who also collaborates with them”. Karlsen also tells us they want their students to visit Hattelands data halls so they can see with their own eyes where the data is stored, and how security is safeguarded.
“When using PRO ISP we know our students data is stored in Norway and complying by the laws and regulations here. PRO ISP also offered our students their services for a very resonable price. It was also a bonus that the students could easily take over the hosting/website after they finished school.”
A successful collaboration
Lecturer Karlsen is extremely please with the collaboration between his class and PRO ISP. The entire process of creating domains for the students, installation of other services was all done easily. He tells us the students said our services was intuitive and easy to use.
“I recommend this type of collaboration for all computer studies. Our students learned how domain, hosting, cPanel, integration of email with MX, etc is all connected. We would say it was easier for our students to learn about the connection of different technologies when using PRO ISP. We are very happy with our collaboration and will hopefully continue this for years to come.”
School class in need of hosting?
PRO ISP offers special discounts on our web hosting solutions exclusively for schools. Teacher may contact us at sales@proisp.eu for more information.
The importance of maintaining security online is nothing new. Many people tend to only think about security when visiting a website, but as an owner of a website, no matter what the type of website it, you need to think about security. Informational websites, blogs, online newspaper, web shop or any other.
Security is important for you as an owner of the website, and for those visiting and using the website. In this article we will take a closer look at how to maintain basic security and what needs to be done if an incident occurs.
Security on your website involves:
It should be safe for everyone to visit the website
The website should not be infected with malicious code that may infect visitors
The website should not forward visitors to any websites with malicious code
Information exchanged between visitors and website/server should not be accessible to anyone unauthorized
The topic is comprehensive and one article cannot cover it all, but we will focus on the most important; It should be safe to visit your website!
Make sure the website is not/cannot be infected
When a website is available online it poses a potential target for hackers. A hacker is not necessarily a man in a black hood in a dark basement. In most cases a hacker is an automated “Bot” (robot). These “bots” are constantly scanning known and unknown websites for vulnerabilities to exploit. Vulnerabilities exist in the code running, directly or in add-ons such as plugins.
A classic example is a website created in WordPress, with a theme and a few plugins installed. Since WordPress is quite popular it is also popular to search for vulnerabilities in this type of installation. If a hacker can successfully infect 1 website, they can potentially do the same to thousands of websites.
The motive behind infecting a website may include; a hacker might want to spread their message, send spam from your account, collect sensitive information from visitors, forward visitors to other insidious websites, use the resources of the account for other attacks and so on. All of the mentioned is of course something you want to avoid. In general, it is rarely you directly, they are targeting.
Checklist to avoid having your website infected
Everything must be updated, always Since WordPress (and other similar systems) is popular, when vulnerabilities are found, improvements are made and updates released. It is important to update when new ones are released. As soon as a vulnerability is detected and known, it is only a matter of time before the websites not updated will be attacked. The same goes for anything installed on the system. As we mentioned in our example, we have a theme and plugins running. These can also contain vulnerabilities and developers release updates correcting this. It’s therefore important to keep both theme and plugins updated as well as the installation itself.
Anything not being used on the hosting should be removed
Any theme or plugins not being used should be deleted/removed. Even if you deactivate a plugin or a theme everything is not actually gone. Files are often left and can potentially be abused. This means; only what is necessary to keep the website running optimal should be openly accessible. Anything else must be deleted or moved to an unreachable area.
Use captcha for forms
Forms; contact forms, order forms and similar must be secure so they cannot be completed automatically. The “bots” we mentioned before can also be used to abuse forms, when available and send spam from website/account. This will affect the visitors in two ways:
1. Resources for the hosting can be used for this, preventing visitors from loading the website.
2. Causing abuse of such a magnitude that the account will be suspended to avoid further issues. Suspension means the website will be offline and not available for visitors. All forms where visitors can fill in information, should have an extra check. Captcha is the most common (and recommended) check for this.
Password must be secure
A secure password is long and composed by numbers, small and uppercase letters and other characters. Long password can also be sentences or phrases with random numbers/letters more easy to remember. Password is used on our client portal, hosting, email and the website/installation. The password used the most is also the most vulnerable. You should change password at least a few times each year. You should never use the same password several places.
Implement extra security wherever its possible
For many CMS (WordPress/Joomla/Drupal) special plugins are developed focus solely on security. Check what needs you have and install what you think is best for your website and needs. There are several decent free options, but if you have a larger website with heavy traffic it can be worth paying for the extra security. Sucuri (sucuri.net) provides a free plugin as well as a paid version and is known for value for money.
Make sure to always have a backup of your content
You should always make sure to have a backup of your content. All of our clients have access to the best solution in the market for backup. At PRO ISP you have access directly to your backup via the control panel (cPanel). Backup is performed once each day of all the content and is kept for 30 days. In addition to the backup solution with PRO ISP we recommend always having an external backup. Once each month or once each quarter, depending on how critical it is and how many changes you are willing to lose.
Website has been infected, what to do?
What if the damage has already been done? What if your account has been suspended by PRO ISP? This can happen to anyone and most people experience it as unfair.
All hosting companies operate the same way when it comes to hosting; several hosting share resources on the same server. To illustrate, imagine the server as a hotel and the clients account as hotel rooms in the hotel.
When a hosting company detects resources being abused, this must be stopped to avoid it affecting the other clients in the same hotel. Imagine a hotel room with so many visitors that no other guest can get in or out of their room. The room creating the problem will have to be closed to avoid this. Its not always an account will be shut down, but if signs of hacking/abuse is noticed we can notify directly.
The most important in such cases is; follow the instructions given and ask for tips/advice/guidance if you are unsure.
If we detect hacking/abuse, and either give notice or suspend the account, we always give instructions on what needs to be done.
In most cases the hacking is so recent you can use a backup included in the hosting. The procedure is easy:
Delete content on hosting related to the website.
Restore content from a date before hacking/abuse occurred (if you are unsure, use the oldest backup available)
Review all the mentioned measures above to prevent further hacking/abuse. Update everything, secure all forms, change all passwords and implement extra security
If you do what is recommended and follow this you are as secure as possible. Both you as the owner of the website, the visitors, and we who serve the website form our servers will be happy.
Secure information between visitors and server (SSL certificate)
Security certificate is becoming more and more relevant to discuss, and highly useful when it comes to security for websites. We have previously had articles about “SSL certificate- How to chose the right one” and how larger suppliers are planning to force more and better use of this to maintain security online (“Google warns: Secure your website”). Now it is about to get a little technical but we will need to explain some technical stuff:
SSL* is an encryption protocol, or a set of rules telling a server/client (website and visitors) how encryption of the data will be executed. The encryption is the process of making something unreadable or incomprehensible to others.
* In reality TLS is used, but SSL and SSL certificates are used in everyday speech so therefore also in this article.
The end goal for SSL is to make sure the visitor, and the server/website, will be able to read the data sent between these two parties. It is therefore essential when personal and sensitive data is exchanged, such as phone number, username, password, e-mail addresses, credit card information and similar; because we do NOT want this information seen by others.
In order to enable this encryption we use “keys”. When the visitor and a server/website have the same kind of “key”, only they can read, and encrypt the information. An SSL certificate is a certificate confirming the ownership of the “keys”, and that they are authentic and valid. How thorough this confirmation is, depends on the certificate, read more about it in “SSL certificate – How to choose the right one”. In short terms the certificate confirms it has been issued by a valid issuer, for the website visited, and its validation for this. As a visitor, you can see this by the green padlock in the address field and that the browser reports the website as secure.
As mentioned in “Google warns: Secure your website” encryption of information is highly relevant since it will be a demand soon. You can of course avoid using SSL certificates, but visitors of the website will be receiving a warning when entering your website. This warning can compare to shouting at your customers: “I do not care about security”. If you have not made the transition from http to https the time is definitely now!
Du you have any questions?
In the beginning of the article we mentioned security is a quite large topic and cannot be covered in one single article. Still, follow the advises given, and be more aware of security you will have come a long way already.
Did you read the article and is left with many questions? Do you want some guidance? Please, do not hesitate to contact us.
Security for websites are undergoing major changes. The extent of these changes is comprehensive and will affect all websites using HTTP:
The implementation of the changes has been done gradually and the “final” date has been changed several times, but according to Google (8th of Febuary 2018) you will need to make your website secure by the beginning of July. If you still have a website using HTTP after this your visitors will see this when using Chrome:
Why HTTPS?
HTTP has been used for many years, but has a major flaw. All data transfered via HTTP can be stolen or manipulated because it’s not secured.
HTTPS is secured and ensures all data transferred is encrypted and protected. We can therefore understand why web browsers now will require the use of HTTPS as standard.
The data is not only protected and encrypted but using HTTPS will give up to 5% increased visibility in search engines and more options for your mobile website. HTTPS also enables the use of HTTP/2 which provides 20-30% faster page load compared to HTTP.
How do I get HTTPS?
In order to get HTTPS your website needs to have an SSL certificate. Choosing the correct SSL certificate can be confusing. We recommend reading “SSL certificate – how to choose the right one”. Please do not hesitate to contact us and we will help you choosing the right SSL certificate for your website.
This article will tell you everything you need to know to create a great website. Either you are creating a website for your company, your hobby or creating your own blog.
The first thing you need is a domain. This will be the name of your website. A company would normally use the company name as their domain, for example proisp.eu. If it is a blog, you would perhaps use your full name or your “blog name”.
When you have decided on a domain to purchase, you will also need to choose a TLD. This is what comes after the domain, .com, .no or .org for example. If you are targeting Norwegian customers, .no would be a good choice, while for English speaking customers .com would be a good choice. In addition to the most used TLD’s (.no, .com, .org etc) you can also purchase special TLD’s that works well with your domain. How about super.mom, cupcake.store or bradpitt.actor.
(If the company you are creating a website for is not registered in Brønnøysund we recommend doing this after you have purchased a domain.)
Web HOSTING
When you are creating a website you will need to store it somewhere. This is what we call a web hosting. A place to store your website (and email). In addition to web hosting you can also use virtual and dedicated servers. However, these options require knowledge on the setup and operations compared to web hosting. Web hosting is therefore the easiest and most affordable option.
There are different types of web hosting when it comes to storage space. Most websites will only need 1 GB (Pro Start) or 15 GB (Pro Medium), but if the website requires extra high performance and stability Pro Premium or Enterprise is definitely the best option.
With your web hosting you will be able to create email addresses for your domain, such as myname@exampledomain.org. All of PRO ISP web hosting have daily backup available 24/7 as far as 30 days back.
Platform
After acquiring a domain and web hosting, you need to decide which software you want to create your website with. Many of our clients use WordPress or Joomla. Both of these can easily be installed on your web hosting with PRO ISP via a control panel.
A simple and good option is the website builder. With the website builder you can easily create professional websites without any technical knowledge or experience. You select the design, insert text and pictures (use your own or choose from a large selection of stock images) and you will be ready to publish the website. A major benefit for the website builder is that there is no need to update neither the software or any plugins you are using. With WordPress and Joomla you will need to update to avoid any security risks.
The video below will show you how to create a website using the website builder (try it FREE for 30 days).
What should my website contain?
Now that you have your domain, web hosting and software ready, you need to think about what your website should contain. Answer these questions:
Who am I and what am I offering?
Who is going to visit my website?
How will they find my website?
What questions will my visitors have?
What actions do I want my visitors to take?
The answers to these questions will give you vital information on how to create and customize the website for your target audience. The more information you have on your future visitors, the easier you can lead them where you want on your website. Whether its purchasing a product or a service, attending an event or contacting you directly.
How often do I need to update?
In terms of the actual content, you need to think of your website as a living organism. The website needs to be outdated and renewed to remain interesting. Do not let visitors see old or updated content on the website. This can cause visitors to leave and you lose customers. Outdated links, old email addresses or other outdated information should never be on your website. Make sure everything is updated at any time.
When creating content, you should avoid putting any “expiration date” on it if possible. Phrases like “last month” or “last week” should be avoided as the content will be outdated quickly.
For a website selling products, think of the website the same way you would with an actual shop. Product placement, displaying new products and give inspiration to your visitors. The same goes for websites selling services, both physical and virtual, create content that inspires and interests your visitors.
For the technical part of the maintenance/updating this will depend on which software you will be using. For WordPress and Joomla you will need to update the software and any plugins you are using to avoid abuse/hacking of your website.
If you want a website without the need to update software or plugins we recommend using our website builder. This is 100 % maintenance free.
Some good tips
Keep it short and simple
Your visitors should quickly be able to figure out if you have the content they are looking for. It only takes about 10 seconds for a visitor to evaluate the website and decided if they are staying or leaving. The navigation should therefore be simple and ensure it’s easy to navigate your website.
Each page should not be any longer than necessary, but at the same time contain enough information and details. Using headers, sections and spacing will make your text easier to read. The recommended size for text is 16 px while a sentence should not be any longer than 50-60 characters.
Responsive design is crucial
The use of phones is a part of everyday life and it is therefore crucial to have a mobile-friendly website. Having responsive design will make sure your website looks good on any device (phone, tablet and desktop) while being user-friendly at the same time. If you are using the website builder it will make sure your website have a responsive design.
YOUR WEBSITE NEEDS TO LOAD QUICKLY
The traffic of your website is highly affected by speed and load time. You want to keep visitors on your website as long as possible. If they are experiencing slow load, the risk of them leaving the website increases. There are several measures you can do to increase the speed of your website. Using cache, compressing content and optimizing pictures can make a noticeable difference. See how to test the speed of your website and what you can do to improve it in “7 ways to make your website faster”.
make sure your website can be found
SEO is short for “Search Engine Optimization” and is one of the most important measures you can take to drive traffic to your website. Focus on SEO can affect how high your website ranks in search engines such as Google. Read more about SEO “SEO – what do I need it for?“.
MAKE IT EASY TO CONTACT YOU
Show your visitors how easy it is to get in contact with you. Have links to all your social media on all of the pages of your website. You can also use a contact form, but it should never be further away than a click. Remember to use captcha (a test to find out if the visitor is human or a boot) to prevent spamming.
Summary
To create a website you need a domain, web hosting and software. When you have this, you need to create a structure for your content that ensures visitors performs the actions you want. The website will need to be updated frequently, both content and technical. If you want a website without technical updates we recommend using the website builder.
Symantec is one of the worlds leading certificate authority (CA) and have now entered a collaboration with DigiCert. Fall of 2017 the two partnered to form the worlds leading CA.
If you haven’t heard the exciting news, Symantec, the world’s foremost Certificate Authority, is now powered by DigiCert, another industry titan. This past Fall, Symantec and DigiCert went into business together and formed the most powerful Certificate Authority in the world.
We know you’ve probably got a lot of questions. So here’s a quick explanation of why this happened, what to expect and when you’ll start to see changes.
The world’s most powerful CA
Symantec’s new partnership with DigiCert truly is a perfect match—the two CAs are a perfect complement for one another. Now Symantec’s premium security offerings, powerful add-ons and unmistakable recognition will be undergirded by DigiCert’s industry-best validation practices and mechanisms, along with its universally trusted PKI.
Customers can expect to see:
The same great Symantec and DigiCert products
Streamlined validation that cuts days off issuance
A universally trusted PKI
Continued trusted status from browsers
The latest encryption and hashing algorithms
Why did Symantec and DigiCert merge?
Symantec and Google had been negotiating for months regarding issues with Symantec’s PKI. After coming to an agreement on a fix, Symantec sold its SSL and PKI division to DigiCert in exchange for $950-million. Symantec also now has a 30% stake in DigiCert.
What does this partnership accomplish?
In the interim, it will keep all of Symantec’s currently issued digital certificates trusted. In the long run? The two companies will slowly merge, identifying the strength of each and using them to build a new, more efficient CA. The new PKI system is expected to go-live on December 1, 2017. This means all new, reissued, or renewed SSL certificates issued after December 1, 2017 will be publicly trusted across all browsers.
Your Action is Required
In order for this transition to work as smoothly as possible, you may need to re-validate and re-issue your SSL certificates from DigiCert’s new PKI. Don’t worry, we will guide you seamlessly through this industry transition. This process will be quick and painless, and most important: FREE. All impacted customers will receive detailed instructions via email about how-to re-issue your SSL certificate.
The re-issue process will take place in multiple phases. There is a strategy behind this transition and when to re-issue your SSL certificate based on the issue date, expiration date, and browser timeline. The start date for re-issuing your SSL certificates is after December 1, 2017.
If your SSL Certificate was issued before June 1, 2016, you have until March 15, 2018 to re-issue your SSL certificate.
If your SSL Certificate was issued after June 1, 2016 you have until September 13, 2018 to re-issue your SSL certificate.
Here is a visual representation of the upcoming dates:
We’re here to help!
As always, if you have any questions or concerns regarding this transition, feel free to contact us.
Regardless if you are selling products or services it is important to be available online. There are several options to build a webshop, both for beginners and more advanced users. In this article we will look at all the steps necessary to open a webshop.
Acquire domains and usernames
Create landingpage
SEO
Choose platform
Acquire domains and usernames
The first action you should take is to acquire the domains you wish to use for the webshop. Depending on where your target market is you might need .no, .com, .se and .dk to mention some. If the webshop has a name with special letters you should acquire all the different types to make sure the customers find you.
In addition to registering the name with Brønnøysund and a domain provider you should acquire the name on social media. The sale will take place on your website but most of the marketing will be through social media.
The decision on whether or not you should use other social media such as Instagram, Pinterest and SnapChat will be dependent on your target audience. Are they using these social media platforms? If you have plans to post videos showcasing your products, you should register for a YouTube account aswell.
It is important to create these accounts as fast as possible to make sure you get the username you want.
Don’t go overboard. If you know you will not be able to maintain many different accounts you should just use Facebook. It is more important the profile is updated frequently and respond quickly than having as many social media profiles as possible.
Create a landing page
When you have acquired the domain(s) you should post content on the website. Start to build your brand while allowing search bots such as Google start crawling your site. While you build your web shop you should create a landing page. This page will give visitors the option to sign up for future newsletters. By doing this you will start attracting possible customers before you even launch.
All web hosting (and domain parking) at PRO ISP has the option to create a free 1-page website where you can create a landing page. In the example below, we have created a simple landing page where visitors can leave their email. It took about 5 minutes to set up this.
Make the webshop visible for Google
To make the webshop visible for Google you should optimize both the website and the webshop. Doing so is called “SEO – search engine optimization”. You should make sure search engines easily can find your website and connect possible customers with it.
Do a search for businesses like your own and see which words stand out. Use these when optimizing. Read more about SEO: “SEO – what do I need it for?”
Selecting platform
There are many different platforms to use when building a webshop. Whether you are brand new in the IT-business or have been working with websites for years. We will look at some of the most popular platforms available and which type of users they will work best for. All of the platforms mentioned can be used on our web hosting and most of them can be installed easily with just a few clicks.
WEBSITE BUILDER
If you are a beginner when it comes to websites we recommend using the website builder from PRO ISP. Within the website builder, there are two options for webshop, one is easy and simple, the other one more advanced which is connected to “Ecwid”.
In the simple module you will be able to administrate categories, products and shipping. The module also gives you the options to use PayPal for payment. This module makes it possible to go live with your webshop within a few hours.
The more advanced option is connected to Ecwid and allows for your webshop to receive orders within minutes. Design and setup is done via the website builder while the administration of products and orders are done via Ecwids website. You can connect your Facebook page with Ecwid to make your webshop available from Facebook as well. Please be aware: The free version of Ecwid only includes 10 products, if you need more extra costs will be added (more information).
The website builder contains everything you need for a webshop. No experience needed and maintenance is not an issue as we handle the security of the platform. You can try the website builder for FREE 30 days.
WooCommerce is a powerful webshop platform available as a plugin for WordPress. 28% of all webshops around the world use WooCommerce. With the platform you can charge by PayPal, invoice, register added value and multiple shipping options. WooCommerce can also be extended from the WordPress library for plugins. The platform is perfect for both beginners and more advanced users. Read more about WooCommerce: “WooCommerce – build a webshop easy as 1-2-3“.
Magento
Magento has been on the market for several years and is recommended for larger companies with developers and experience. With a few clicks Magento can be installed on web hosting with PRO ISP via cPanel. Med Magento you will have access to a large selection of different functions. Any requirement you have will most likely be supported within the installation. It has a great report function and the interface is ok, but will take some time to get to know. What you would need to install as an extension in other platforms is already included within Magento. You will be able to create newsletters, have a full overview of all sales and visitors as well as the possibility to set up added value and shipping options. The webshop is designed for selling products, but can also be used for the sale of services.
Magento requires more resources in general, so you should select a more powerful web hosting then with the other platforms. At PRO ISP we have dedicated Enterprise web hosting especially for Magento with LiteMage for extreme performance.
Prestashop
Prestashop was started in 2005 and is one of the worlds most popular platforms for webshops. Over 250 000 websites use Prestashop which can be installed directly from cPanel with a few clicks. The platform works both for small and larger companies. With over 300 extensions included you will have everything you need to open a webshop. You might need to purchase a theme since the one included is really simple and boring.
Summary
We recommend you test the different platforms to see what works best for you. Depending on what needs you have the price will vary.
In WooCommerce you will have most of the extensions needed included (such as Stripe for payment), but most of these also have premium versions. With PrestaShop and Magento costs can increase quickly to get the extensions you need. Magento requires more resources so you will need a more powerful web hosting than with the other platforms. We recommend Enterprise web hosting with LiteMage for extreme performance.
Consider how many sales and products you will have and test different platforms to find the best solution for your needs.
650 customers have participated in our customer survey for 2017 – thank you for your participation! The results of the survey are important information for PRO ISP when it comes to development and improvement. What works and what does not is up to our customers.
“Why did you choose PRO ISP?”
Knowing why our customers choose us, gives us information on how we stand out and differ from other competitors. We asked “Why did you choose PRO ISP?” and evaluated which words were most used. The word cloud is a visual presentation of the words most used by the 650 responses.
“How do you prefer to receive information?”
PRO ISP has several options on how to send information to our customers. What is important to us is that we use the options preferred by our customers and the options that ensures we reach as many as possible.
The graph below tells us our customers prefers to receive information from us via email, when it comes to both news and system service announcements. This is the same results we had for our customer survey in 2016.
“How do you prefer to contact us?”
Our customers can contact us several ways. By learning more how our customers prefer to contact us, we can improve these options and make them even more available. As shown below email and live chat is the preferred ways while phone and Facebook are less preferred. We had the same results from last year’s survey as well.
Is our customers satisfied with us?
Most important for us working for PRO ISP is that our customers are satisfied with us and the products we deliver. The customer survey contains a series of questions regarding how satisfied the customer is with us and our services.
Click the image for a larger version.
How would you review PRO ISP?
In addition to the customer survey you can review us anytime on Trustpilot. Here you can also see what other customers have to say about us and how they have reviewed us.
Summary
Knowing if our customers are satisfied is important to us here at PRO ISP. The summary of the customer survey tells us our customers are happy with both our products and our services.
Our focus forward will be as before; developing our products, optimizing communication between us and our customers and of course keep delivering high quality products and services.
The demand for SSL certificates have been increasing rapidly the last couple of years. The reason for this is most likely because security have become more important as there are continuously new cases of hacking and cyber-attacks. Google and the web browser community have also contributed to the increasing demand. Not having an SSL certificate will cause a warning to appear for the user in the web browser. Here at PRO ISP we receive daily inquiries regarding SSL and the most common questions are:
SSL certificates are used to create a secure connection so that the information being sent cannot be monitored or altered by anyone. In other words, it ensures safe communication. On a website with SSL certificate, the URL will contain an S so it will say https:// instead of just http://.
SSL certificates are not only used for web servers, but for any type of service where secure communication is required (email, FTP for example). However, it’s mostly on websites that you will notice the use of SSL due to the visible indicators to increase end user trust and confidence in the browser. We will elaborate more about this later.
SSL certificates also have another function. The certificates are issued by certificate authorities (CAs). These issuers have a set of rules to follow for when a certificate can be issued – in the same way as there are rules for issuing passports or driver’s license.
There are currently 3 levels of validation for SSL certificates and each level have higher requirements than the previous level. The requirements verify control and ownership of the domain. Each level is meant to provide increased trust for the client that you are who you say you are. As each level require more information to be verified the price is usually higher for each level.
The easiest certificate to get issued is domain validated certificate. This certificate only verifies that you control the domain, which can be done via email, DNS and file. This part is done automatically for all our clients who order certificates for web hosting at PRO ISP. All our web hosting includes a free Basic SSL certificate which is a domain validated certificate. This only takes a few second to issue.
This is how a DV certificate will look in a web browser:
Site seal is not included for the free certificate, but is included in all the other certificates. You can however add a site seal to your free Basic SSL, which is cheaper than purchasing a SSL certificate. If you are wondering how a site seal looks on a website, look on the bottom at proisp.eu. Clicking the site seal will provide more information about the website and what is verified. Site seal is used to show visitors the owner of the website has secured the website and show what has been verified by a third party. This increases the chances for the first-time visitors to more quickly establish enough trust to the website so they may contact you or make a purchase. The site seal included with certificates typically contain more information the higher level they are, as well as being more expensive. The site seal for proisp.eu is one of the ones with most verified information as well as issued from the worlds most recognized brand when it comes to security online.
Paid certificates have a warranty covered by the issuer if the certificates have been issued to someone performing fraud and issuer should have known about. Visitors of the website is covered by this warranty. The warranty is another way to ensure the visitor to have trust in the website.
About 5% of our clients are denied Basic SSL by the certificate issuer due to information on the domain, domain name or contact information seeming suspicious. In these cases, a manual review is required by the issuer and you will need to purchase a SSL certificate instead.
2. Organization validation (OV)
Organization validated certificates must in addition to domain validation also validate the information regarding the organization/company. Private parties can therefore not purchase these. Required documentation is that the organization:
Exists
Own/operate the domain
Operates from the correct address
Can be contacted through public available contact information
In a web browser the URL will look the same for OV as DV certificate, but the visitor can check which organization and address the certificate has been issued to, as shown below.
The site seal for OV certificates contains more information (company name), the warranties are higher and there are some available extra functions such as malware and PCI scanning. As there is more to verify for OV it usually takes the issuer around 1-2 days from order to the certificate is issued. This is also reflected on the price.
3. Extended validation (EV)
EV SSL certificate requires the highest level of validation before being issued. Basically, most of the same information as OV certificates but the difference is there are fewer approved sources as well as the validation process is more thorough and more documentation is required. Compared to OV certificate there is overall more to validate on each check point. The most visible difference is seen in the web browser. This is how our URL is seen in the web browser:
You can clearly see who is the owner of the website as the company name is shown next to the URL.
Since there is more to validate for the certificate issuer it usually takes 2-7 days to issue EV SSL certificates. These certificates are normally the most expensive.
What do I need SSL certificate for?
Safe communication
In today’s society with increased focus on protection of privacy and security, secure communication is essential to maintain both.
Higher ranking in search engines Search engines have added SSL as a part of their algorithm ranking and it is estimated websites with SSL have about 5% better results than websites without.
Faster loading websites Web browsers have chosen to support the new HTTP/2 protocol when using SSL/TLS only. HTTP/2 can reduce the loading time with 20-30%. All our web hosting supports HTTP/2, but only when you have an SSL certificate your website will use HTTP/2 instead of the older HTTP/1.1 protocol.
Avoid warnings in the web browser Web browsers shows a warning that the website is not secure when inserting data into a form and the website is not using SSL. In the future a warning will be shown for all websites not using SSL.
Increase conversions A conversion is a visitor performing a desired action on your website. This could be a purchase, registration or anything else. All paid SSL certificates contain many benefits to increase conversions, such as site seal, warranty, malware scan and increased visibility in search engines. These benefits will help increase the trust for your website while showing your customers you are serious about security.
Company name visible in web browser EV SSL certificate clearly shows the owner of the website and that it has been validated from a secure third party. A message to show you have been through the most thorough check and give you the highest level of trust with your customers.
Which SSL certificate should I choose?
Which SSL certificate is the right one for you will depend on what kind of website you have and how it is used. Some have several domains and websites with different needs and therefore may need many different certificates.
Generally, we recommend you consider who your visitors are and what you want them to do. These questions should be answered:
To what extent does users notice if the website is secure?
How much will it mean for the visitors to see the website is secure?
Will indicators showing that the website is secure, or to show who you say you are, increase trust for your website and its visitors?
Will increased trust to your website increase the likelihood of visitors doing as you want them to?
If the visitors will not notice it the website is secure, and it will not increase the likelihood of visitors doing as you want them to, you do not need more than our free SSL certificate or Start SSL (RapidSSL). Even though it may not matter much, it would not be negative to add a site seal included in the certificate on your website.
Typically, simple blogs with personal information or simple websites with few pages. To avoid warnings in the future that the website is not secure it is a minimum requirement to use SSL. Since there is no need for increased trust there is no need to pay for a certificate unless the free Basic SSL could not be issued.
A small website with information about the company and a contact form could have different need for SSL. Depending on what type of clients (IT and security related versus non IT related such as carpenters for example) we have different recommendations.
If the users of webmail, email and other services want to achieve easier use by having these also secured, you should choose Start SSL Plus (RapidSSL Wildcard).
Recommendations for IT, security, web shop or similar related clients:
If the users of webmail, email and other services want to achieve easier use by having these also secured, you should choose Basis SSL Plus or Start SSL Plus (RapidSSL Wildcard) which will be used for these only.
Larger website for a company
A larger website with information about the company and a blog, web shop or more.
If the users of webmail, email and other services want to achieve easier use by having these also secured, you should choose Basis SSL Plus or Start SSL Plus (RapidSSL Wildcard) which will be used for these only.
Premium SSL multi-domain (which include up to 5 addresses and great if you are using sub domains for your web shop or similar).
Several websites for a company on several domains
Here the same recommendations as mentioned above applies. You should consider each website separately as mentioned above.
It’s it usually best to order a certificate for each website, but if you have a good overview of the domains it may be best to consider Premium SSL multi-domain. If you do not need to increase trust we recommend Comodo Positive multi-domain SSL.
If you want a certificate for alias domains on the same web hosting you will need to use a multi-domain certificate for these. This also applies to other sub domains and domains pointing to the same folder on the web server. Read more about SSL certificates that covers more than one address.
SSL certificate not to be used for website
SSL certificate not to be used for websites are often used for email services. They are also used for other services such as FTP, APIs/apps and other services that require SSL. They have in common that they only need the security SSL provides. It is therefore no need for a higher-level certificate than DV certificate.
Since you can only use basic SSL with our web hosting, you will in most cases need a DV certificate (such as Start SSL) which covers one domain.
If you have several sub domains on the same domain you wish to use for such services, we recommend you use Start SSL Plus.
Hopefully this information will help you find the right SSL certificate for your need. If you are still unsure which one to choose, it is more important that you are using SSL – then which one it is.
Do not hesitate to send us feedback or questions. Should you have any questions please contact us.
