What is a SSL certificate and why do we need one ?

We use SSL certificates  to provide a secure connection between you the visitor and the server.

This allows many business such as banks to provide you with the ability to manage your data online securely, it’s not only banks or large business that use them.

We would always recommend that you get an SSL certificate free or paid, it helps provide visitors a level of protection for your visitors when visiting your site. This could be a small blog or a startup eCommerce site selling gifts.

Google now requires you to allow visitors to visit your website using https which requires a SSL certificate.

How do I get one?

If you’re using our shared hosting service, we provide you with a free SSL certificate using the Let’s Encrypt service¬†which is free to use for everyone.

If you are not using a shared hosting service you can also use Let’s Encrypt on your own server as it supports many types of web server installations which is also free to use.

You can also have the choice to buy an SSL certificate which will provide you with lots of other features depending on the type of certificate you buy.

Forcing HTTPS on Apache

Most times with website hosting you don’t have access to the root of the Apache configuration, we would also suggest this method for most websites that use Apache as it’s

If you have any code already in your .htaccess place this above it!

If you just wish to direct all users to SSL and with no extra conditions this will do the job:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

You can also specify to redirect to SSL if the access your site via a specific domain name:

RewriteEngine On 
RewriteCond %{HTTP_HOST} ^example\.com [NC]
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

You can also set it to only work on a specific folder:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} folder 
RewriteRule ^(.*)$ https://www.example.com/folder/$1 [R,L]

 

Forcing HTTPS on NGINX

Unlike Apache NGINX does not have a file that you can place in directories so this will require you to edit your default sites file.

server {
       listen         80;
       listen    [::]:80;
       server_name    example.com;
       return         301 https://$server_name$request_uri;
}

server {
        listen 443 ssl http2 default_server;
        listen [::]:443 ssl http2 default_server;

        root /var/www/html;

        index index.html index.htm index.nginx-debian.html;

        server_name example.com;

        location / {
                try_files $uri $uri/ =404;
        }

        ssl_certificate /etc/nginx/ssl/example.com.crt;
        ssl_certificate_key /etc/nginx/ssl/example.com.key;
        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
}

 

If you have any questions regarding any information in this support article please let us know by contacting our support team.