Why Do I Need An SSL Certificate?

This blog post will first try to explain what an SSL certificate is and why you may need one. I will try to keep it plain and simple, but there may be areas that become a little technical.

What is the purpose of an SSL certificate? Well an SSL certificate allows your web browser to make a secure connection to a web service while claiming that you can trust the secure connection.

When you enter a website’s URL into your browser and hit enter, you’re starting a process of establishing a secure connection to that website. This is done through SSL (Secure Sockets Layer) or its successor, TLS (Transport Layer Security).

The process begins with a handshake where the browser and server exchange keys to create a secure connection. The server sends a certificate to prove its identity, and once the browser verifies this certificate, a unique session key is generated for encrypting the data. This ensures that the information you send and receive is protected from eavesdroppers.

While this is a very simple example, it gives you a basic idea of what happens between the web browser and web server during an encrypted browsing session.

Now since we have covered the basics of how SSL works, what are some reasons to use SSL?

  • Helps keep data secure. Without encryption, anyone can potentially view the data you transmit over the Internet.
  • Helps to give confidence to people using your website. When they see the SSL lock icon in their web browser, it makes your web visitors feel secure (and they should be secure!).
  • SSL encryption prevents third parties from modifying a website’s content before it reaches your web visitors. This can be a problem if you are dealing with sensitive information (or any information really). This is why having SSL on a website that technically does not need it can still be beneficial.
  • Adding to the above information, some ISPs have inserted their own scripts / notifications into the web pages their customers visit. This makes for a poor experience for the customer, and also makes the website owner look bad, since most customers are going to blame the website owner for the “bad experience”, instead of their ISP.
  • Having SSL enabled on your website can help with getting a better search engine ranking from Google.
  • Many mainstream web browsers require an SSL enabled website if you wish to use the new HTTP/2 protocol with your website.
  • You definitely need one if you are running an online web store. No one will want to shop on your website if your website is not serving content over an encrypted connection.
  • SSL encryption also hides the specific location you visited on a website.  —  For example, if I go to https://example.com/contact, since the website is using encryption, my ISP can only see that I visited the domain example.com. The encryption hides the /contact part of the URL. So my ISP knows I visited example.com, but they have no clue what webpages I visited on that particular website. Pretty neat, huh?

I hope I have helped you have a basic understanding of what an SSL certificate is and why it can be useful to have one for your website.


Posted in Computers, Internet and Servers, Security

What are Name Servers and why does my Web Domain Need Them?

If you have ever started a website, you probably have heard the term “name-server” before. However, you may not understand what they are and why they are an important part of the web-hosting infrastructure. I will try to keep this explanation simple yet useful.

A name-server is a server that specializes in answering queries regarding people’s domains and the various services that they are providing.

You can think of a name-server like a telephone book that lists phone numbers associated with names. In a similar way, a name-server lists information (e.g., IP addresses) associated with a particular queried domain name.

For example, when someone types in blog.computerlagoon.com, their DNS server sends an inquiry to one of my name-servers asking for information such as the IP address. All information the software needs in order to make a connection with my server.

Without a name-server (or DNS servers in general), you would be typing out numbers (e.g., 12.34.56.789) to access web services instead of domains (e.g., example.com).  As you can see, typing out names is far easier than remembering a series of numbers for every website you visited.

You also want to make sure your web domain has at least two name-servers associated with it. Why? Because if you only have one name-server and that name-server happens to go down, no one that has not recently accessed your domain will be able to get your IP address to connect to your website.

Worse. If you have no name-servers online for an extended period of time (e.g., major outage), then search engines like Google may think that your website is no longer online and delist it from their search results.

That is why having at least two name-servers is recommended.


Posted in Computers, Internet and Servers

What is the Safest Free Website Hosting Service Available to the Public?

This is a good question. Unfortunately, there really is no “safest, free” web hosting service out there. However, I will discuss the good, bad, and the ugly of using a “free” web hosting service.

Please remember anytime you use a “free” online service, the service itself is not really free. Why? Well because they have your data. Today, data is like a product to sell. People can sell data they collect to people like advertisers and private companies who can make use of it (for good reasons…or bad reasons).

Unfortunately this data is usually personal information you provided through a “free” e-mail account, “free” instant messaging service, “free” video call (e.g., Skype), “free” web hosting account, “free” file storage (who puts their personal files [like photos] on a random, who-knows-who-really-owns-it server anyway?), “free” video hosting service (e.g., YouTube), etc.  You get the idea.

The companies that provide free web hosting services are very likely selling your data to other companies. In addition, this is why if you do anything personal on your “free” web hosting account, it really is not private.

The Good

  • No technical knowledge of hosting websites needed to get started
  • No worry about making backups (if using a good provider; I would still make my own backups to be on the safe side)
  • No worry about server maintenance (e.g., replacing failed hardware, restoring a server operating system because of a successful hacking attempt, managing server upgrades, etc.)

The Bad

  • No control over how much disk space you can have (since it is free, you cannot demand them to give you more disk space than they already provided you with)
  • No control over how much bandwidth you can have (since it is free, you cannot demand them to give you more bandwidth than they already provided you with)
  • No control over service outages (they probably will just silently fix the issues with little to no notifications about what happened)
  • They usually will not be very reliable, since they are not making much money (from web ads) if any money at all.
  • You probably will not know who really is running the free web hosting service. While that is not necessarily a problem, I personally would want to know who is hosting my web sites.

The Ugly

  • No control over your data (they have your website data you do not!)
  • Anyone at the company (or individual hosting free accounts) can snoop in your website data that you have uploaded to their servers.
  • Your “free” web hosting service with _all_ of your data could be deactivated and erased with no prior notice for _any_ reason they deem acceptable.
  • Your data may also be stored permanently in backups the free hosting service makes, which means when you delete data off their servers; it really is not deleted, since they can restore your deleted data from a backup!
  • They can up and “disappear” overnight, taking your websites with them (in other words, do not be hosting your business website on a “free” web hosting service!). Since they are “free”, they have no obligations to any of their users.

You may want to consider carefully reading the “Terms of Service” agreement for “free” web hosting providers to see how they deal with their users’ privacy.


Posted in Computers, Internet and Servers

What is the Safest Free Email Service Available to the Public?

This is a good question I will try to answer. There really is no “safest, free” e-mail service out there. However, I will discuss the good, bad, and the ugly of using a “free” email service.

Please remember anytime you use a “free” online service, the service itself is not really free. Why? Well because they have your data. Today, data is like a product to sell. People can sell data they collect to people like advertisers and private companies who can make use of it (for good reasons……or bad reasons).

Unfortunately this data is usually personal information you provided through a “free” e-mail account, “free” instant messaging service, “free” video call (e.g., Skype), “free” web hosting account, “free” file storage (who puts their personal files [like photos] on a random, who-knows-who-really-owns-it server anyway?), “free” video hosting service (e.g., YouTube), etc.  You get the idea.

These companies that provide free e-mail services are probably selling your data to other companies. This is one way they can make money to pay for hosting those “free” e-mail accounts to begin with. Also, this is why if you do anything personal on your “free” e-mail account, it isn’t really private.

The Good

  • No technical knowledge of email needed to get started
  • No worry about making backups (if using a reputable provider like Gmail)
  • No worry about blocking spam (the provider should be doing this for you anyway)
  • No worry about managing your own server to run your own e-mail server
  • No worry about others not getting their e-mails to you (reliable providers should be constantly monitoring their servers for issues like Gmail or Yahoo would do)

The Bad

  • No control over how much disk space you can have
  • No control over who the service provider decides to block e-mails coming from / or going to
  • No control over service outages (they probably will just silently fix the issues with little to no notifications about what happened)
  • Sometimes you may not get the exact name you want for your e-mail address, since someone else may have previously taken the same name (for example: you want john.doe@example.com, but someone has already taken that name; you then may have to settle for john.doe193@example.com instead…not something that everyone may want)

The Ugly

  • No control over your data (they have your e-mails, you do not!)
  • No ownership of your e-mails (not only do you not control your e-mails, you technically do not own them either…they do)  —- I know you may disagree with me, but let’s face facts, like I said before, they have the data, not you!
  • Anyone at the company (or individual hosting free accounts) can snoop into your e-mails that you send or receive.
  • Your “free” e-mail service with _all_ of your e-mails could be deactivated and erased with no prior notice for _any_ reason they deem acceptable.
  • Your emails may also be stored permanently in backups the hosting service makes, which means when you delete an e-mail, it may not really be deleted!

You may want to consider carefully reading the “Terms of Service” agreement for “free” e-mail providers to see how they deal with their users’ privacy.


Posted in Computers, Internet and Servers, Security

‹ Older Posts Newer Posts ›