How do I protect my website and my cutomers

8 replies
  • ECOMMERCE
  • |
Hi Warriors...!

Today, I have a brand new studio to work as a graphic designer. I coded my own Website html5+css3+JS (basid on my knowledge). The main idea of this website is to catch customers by making accounts on my website to have access to tons of freebies, also in the future we are going to add a payments services for some stuff... (I will hire a good WebDev once we get istablish).

Now the question is how can I secure my WebSite Database and how I can hide customers email and personal information.

I really needs help on this domain, it will saves alot of time for my studies! Thanks for help...
#cutomers #protect #website
  • Profile picture of the author karenwilliams
    You can use SSL certificate to secure your website as it helps in secure transaction & securing information of your website.
    {{ DiscussionBoard.errors[10456414].message }}
  • Profile picture of the author unlimitcloud
    There are many ways, depends on how "vulnerable" your coding or site at this time.

    The basic should come from how you code your site if it's dynamic. Make sure to avoid most of the security holes of bad coding.
    The second will be the hosting or server firewalls setting.
    The third you can add SSL for better encryption.
    {{ DiscussionBoard.errors[10456502].message }}
    • Profile picture of the author Hermes Urbanus
      Originally Posted by karenwilliams View Post

      You can use SSL certificate to secure your website as it helps in secure transaction & securing information of your website.
      This ^^

      Originally Posted by unlimitcloud View Post

      There are many ways, depends on how "vulnerable" your coding or site at this time.

      The basic should come from how you code your site if it's dynamic. Make sure to avoid most of the security holes of bad coding.
      The second will be the hosting or server firewalls setting.
      The third you can add SSL for better encryption.
      And especially this ^^

      -

      You will have a heck of a time getting any payment gateway to accept you (except maybe PayPal's interface coding) on a website without an SSL. And the PayPal option, while convenient, is not optimal because a basic tenet of sales and marketing is to keep the customer on your site instead of re-directing them to another site and hoping they still convert.

      Further, you may want to look at renting a VPS because even if you can find a way to make an SSL work on a box with shared or managed hosting, it's still going to be a nightmare. (I'm not sure any of the recognized authorities will even certify an SSL on shared hosting. I'm not sure shared-hosting could even pass the required security audit that you need to qualify for an SSL certificate.)

      Personally, the best advice I can offer is to simply find someone who specializes in creating/designing eCommerce sites and hire them for the web project. Many who specialize in these websites will already have the knowledge and experience in all these areas. It may not be cheap, but if your business and your security are important, then it is simply a necessary cost of start-up.

      On the flip-side, you can learn and achieve what you need to know and do all by yourself. However, that is going to be time, money, and resources spent learning and experimenting - time, money, and resources that should be spent on establishing and growing your business.

      Above all else, your drive and your attitude will decide how far you go and what the result is. Whatever you choose, I wish you the best of fortune!
      Signature
      {{ DiscussionBoard.errors[10456577].message }}
      • Profile picture of the author Hermes Urbanus
        Quick update...

        As I was reading some other posts here on WF I noticed a user ( sbucciarel ) that offers an ecomm site in her signature for $25. Maybe not so expensive, after all. I know nothing about her or her services, but it seems to me that $25 would be a very small investment for skipping a lot of the learning process and focusing on your business.

        Just something to think about.

        Again, best of luck with your ecommerce endeavors!
        Signature
        {{ DiscussionBoard.errors[10456671].message }}
      • Profile picture of the author darkx29
        Originally Posted by Hermes Urbanus View Post

        This ^^



        And especially this ^^

        -

        You will have a heck of a time getting any payment gateway to accept you (except maybe PayPal's interface coding) on a website without an SSL. And the PayPal option, while convenient, is not optimal because a basic tenet of sales and marketing is to keep the customer on your site instead of re-directing them to another site and hoping they still convert.

        Further, you may want to look at renting a VPS because even if you can find a way to make an SSL work on a box with shared or managed hosting, it's still going to be a nightmare. (I'm not sure any of the recognized authorities will even certify an SSL on shared hosting. I'm not sure shared-hosting could even pass the required security audit that you need to qualify for an SSL certificate.)

        Personally, the best advice I can offer is to simply find someone who specializes in creating/designing eCommerce sites and hire them for the web project. Many who specialize in these websites will already have the knowledge and experience in all these areas. It may not be cheap, but if your business and your security are important, then it is simply a necessary cost of start-up.

        On the flip-side, you can learn and achieve what you need to know and do all by yourself. However, that is going to be time, money, and resources spent learning and experimenting - time, money, and resources that should be spent on establishing and growing your business.

        Above all else, your drive and your attitude will decide how far you go and what the result is. Whatever you choose, I wish you the best of fortune!
        I highly like your answer, thanks for your advice really appreciated, Well my codes are 100% clean , no mistakes and It's Not a dynamic website.

        I will hire a WebDev to take care about payment services page. because I'm not really strong on this domain. I've chosen the HostGator Business Plan since it offer a non shared host plus other great services of security system such as Private SSL & IP.

        On the flip-side I take lessons on this domain section (Lynda and treehouse and other platforms...), since I work alone on this one It feels like I'm in IronMan competition.

        I assume this is life work hard at start to be satisfied at the end

        Thanks everyone who commented on this Post
        Regards,
        Drakx29
        {{ DiscussionBoard.errors[10458196].message }}
      • Profile picture of the author Kingfish85
        Originally Posted by Hermes Urbanus View Post

        Further, you may want to look at renting a VPS because even if you can find a way to make an SSL work on a box with shared or managed hosting, it's still going to be a nightmare. (I'm not sure any of the recognized authorities will even certify an SSL on shared hosting. I'm not sure shared-hosting could even pass the required security audit that you need to qualify for an SSL certificate.)
        This is not true, just about every CA will issue a certificate as long as you provide the CSR. EV certificates while they have a lengthy approval process, the hosting platform has no bearing on whether a CA will issue a certificate or not.

        As far as it being a "nightmare" to install a certificate on shared hosting, this isn't the case either. Nearly every web hosting provider likely supports the ability to install an SSL Certificate - depending on the provider you use, the process could be a simple as a few clicks.

        For what it's worth, I think it should be known that an SSL Certificate will ONLY secure the data transmission between the clients browser & your site while inputting the data. Once the data is input, the SSL has nothing to do with anything. Furthermore, an SSL Certificate will not secure your site against vulnerable code, xss, sql injection, vulnerable scripts, poor passwords etc.

        An SSL Certificate will work with no issues on shared hosting as well, despite what's said above, that's completely false, it's very easy to install on shared hosting.
        {{ DiscussionBoard.errors[10459268].message }}
        • Profile picture of the author Hermes Urbanus
          EDIT:

          Actually, I originally just posted a long-winded retort. But then a flash of the blinding obvious appeared to me just after submitting a reply.

          Just a few questions, if I may...
          • Do you happen to offer any web-hosting services?
          • Possibly any type of shared-hosting?
          • Any chance you offer the safest, most-secure, most-reliable, most uber-awesome, greatest service on the web?
          • All for an unbelievably phenomenal, eco-friendly, affordable, so-low-it-should-be-a-crime price?
          • Is there any particular motivation you might have for insisting on the ease, safety, and security of shared hosting?
          I'm reminded of taking my son to the zoo a few years back and seeing a sign in the lion's den that kindly invited everyone to, "Join us for dinner!
          Signature
          {{ DiscussionBoard.errors[10460270].message }}
  • Profile picture of the author cheapsslusa
    I would recommend you go through an SSL certificate security to protect your user's information. An SSL certificate has different types, which delivers you an extra layers of security such as Domain Validated is basic SSL, where EV SSL or Extended Validation SSL Certificate is advance SSL certificate, which will offers you a green address bar.
    {{ DiscussionBoard.errors[10463576].message }}

Trending Topics