Security is a top priority for Google. That’s why Google Loves SSL Certified Websites or HTTPS. So it’s very helpful to get high rank in SEO (Search Engine Optimization). Now the impact is fewer than 1% of global queries, but it will change in future. It’s called HTTPS Everywhere: Every websites will be switch to HTTPS to keep everyone safe on the web. Check out this post Top 4 Basic Search Engine Optimization Tips for some basic tips of SEO.
For websites that deal with personal data, or transactions via the Internet, it is necessary to take measures for security of the web application. Processing transactions should be handled securely on the web. Meaning that we need to be able to transmit information between the web site and the web browser in a way that makes it difficult for other the server to intercept and read. To deal with such situations where we need security, we need a SSL or Secure Sockets Layer to take care of this.
What is SSL (Secure Sockets Layer) ? SSL is a a protocol much like the standard HTTP, but is a secure protocol that can receive and transfer data over the Internet. An encrypted SSL connection requires that the encrypted data to be passed to and from the web server and the web browser and to be decrypted at the receiving end. A SSL certificate is used to authenticate a web site.
What are SSL certificates ? The certificate contains the server’s public key, which is used by the browser to identify and authenticate the server and encrypt the information from the server using SSL. SSL certificates are much like any identification proof that once authenticated, permits the flow of encrypted information through the HTTPS.
There are three different types of SSL certificates you could use. Generally your web hosting companies may provide SSL certification for your website. Some may provide it as a free service, although it may not be any more secure than the standard HTTP.
Shared SSL : As the name suggests, multiple domain names share the same IP address making it easier for the host to managed single shared SSL over different servers. This is a comparatively cheaper method, as single SSL needed to encrypt an array of web sites.
Dedicated SSL : Dedicated SSL, much like dedicated hosting has SSL certification specifically for your root domain space. An HTTPS connection is verfied through a designated IP address. It is the most secure method but comes at a price.
Wildcard SSL : Wildcard SSL certifications will have multiple sub-domains for your website.
Nikita Buyanov is an industrial designer, project leader of Contract Wars, working title Russia 2028 and numerous other interactive/ad/game projects. Now he uncovered few outstanding laptop concepts.
This Russian was commissioned to design a series of conceptual, female-oriented laptops for HP/Intel. Nikita Buyanov’s ideas will rock our world. These are some examples of cute laptops for crazy girls.
The Heartbleed bug is one of the biggest security issue in the world wide web. The Heartbleed bug permits anyone on the web to browse the memory of the systems protected by the vulnerable versions of the OpenSSL package. SSL is short form of Secure Sockets Layer, a protocol for transmitting secure data via the Internet. You can easily recognise whether SSL is in use on a website. URLS that require an SSL connection start with https instead of http. OpenSSL is an open-source implementation of SSL. The Heartbleed bug enables attackers to pay attention to communications and steal information directly from the services and users from OpenSSL.
Google’s security team reported Heartbleed on April 1, 2014. Security company Codenomicon gave Heartbleed a reputation and a emblem, tributary to public awareness of the difficulty.
Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL released 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug. So we can fix the problem using the right way. Upgrade OpenSSL to the latest version (OpenSSL 1.0.1g ) by server side .
Heartbleed went undetected for the past 2 years, and nobody is aware of who might have identified regarding it throughout that point or what they are doing. Currently that’s got into the open, up to a 0.5 million trustworthy websites—including many who individuals use a day, like GitHub, Yahoo, Facebo ok, Google, Wikipedia, Amazon, Twitter, Apple and Stack Overflow. They have been scrambling to patch the flaw and update their security protocols to shield users. The Canadian federal government quickly shut down online services of the Canada Revenue Agency (CRA) and a number of other government departments over Heartbleed bug security issues on April 8 2014. They made announcements recommending that users update passwords in response to the bug .
Security researcher Steve Gibson stated “it’s not just a server-side vulnerability, it’s also a client-side vulnerability because the server, or whomever you connect to, is as able to ask you for a heartbeat back as you are to ask them.” Google has confirmed that Android version 4.1.1 (Jelly Bean) has the Heartbleed bug. This affects approximately 50 million Android devices and remains unpatched.
Change your passwords on vulnerable sites immediately and change password again when the sites fix their server issues.