
SSL-based Secure Data Transfer with Handheld Devices

Uploaded by

Kamel Soliman

Problem definition:
The secure sockets layer (SSL) security protocol is widely used on the
World Wide Web to secure Internet communications, and manufacturers ship an
increasing number of handheld devices with preinstalled applications (e.g. Web
browsers) and digital certificates in order to support SSL in wireless
environments too. We first present a comprehensive analysis of the SSL protocol
and the cryptographic algorithms used as building blocks in the protocol. We
then demonstrate that SSL support embedded in other applications for some mobile
devices does not significantly affect the application's overall performance when
communicating with other parties. For our experimental setup we wanted to use
APIs (Application Programming Interfaces) and tools that are either available for
the majority of handheld devices or can be downloaded and tested freely and
without major modifications. This is especially the case for application
developers, who would prefer not to use the modified versions of cryptographic
libraries and special drivers characteristic of academic/commercial testing
environments. We also developed a tool named SSLperf (SSL performance) for
testing the SSL security protocol's performance when transferring either small
amounts of data (e.g. a credit card number) or medium-sized data (e.g. a
document in PDF format) with handheld devices. We compared the results obtained
with SSLperf on Windows CE-enabled handheld and pocket PCs and 'powerful'
Windows 2000/XP-enabled platforms with other related works.
Problem Overview

Security is the main concern for all online retailers. Intruders can attack
the systems and databases of e-commerce companies and steal sensitive data: the
company's own data, financial data and the personal details of customers. If
customers' data is breached, the privacy of those customers is compromised.
E-commerce sites can face huge losses; they can even lose their customer base.
Cyber attackers generally carry out malicious activities by planting a virus in
the system of the e-commerce server or by taking control of the insecure network
of the e-retailer [5]. Trojan horses and logic bombs are two kinds of threats
that take away sensitive information from the system and the database. Another
kind of threat is the Denial of Service attack, which takes control of a system
and prevents the owner from accessing it. This attack can also shut down one's
server and one's system. Another popular attack is the phishing attack: the
cyber attackers develop a website that is a lookalike of a genuine e-commerce
website, simply copying the HTML code to carry out the attack. Besides the
threats discussed, there are vulnerabilities too [6]. These arise from
Structured Query Language (SQL) injection, cross-site scripting, customers
choosing weak passwords and more. Security measures must be applied to mitigate
the aforesaid threats and vulnerabilities related to e-commerce.

Project Overview

The e-commerce site is developed with both individual customers and
corporate customers in mind, which helps in conducting business operations and
transactions of goods in large volumes. E-commerce provides various facilities
such as non-cash payment: customers do not have to pay in cash and can simply
choose to pay by debit card, credit card or online banking [2]. Customers get
24x7 service; they can shop at convenient times and on the go. Online retail
stores provide better support to customers, who can keep in touch with the
e-commerce business all the time and get solutions to all their queries. Thus
security and privacy are important. E-commerce giants like Amazon and eBay
invest heavily in their websites to ensure the privacy of customers and the
security of the website as well as the company. There is a high risk of security
breaches due to cyber-attacks from hackers. Thus it is an absolute necessity to
implement security features on these websites [3].
This report focuses on researching the security measures by which sensitive
personal information can be protected and secured. The technologies used in
e-commerce websites are Secure Socket Layer (SSL), HTTPS, Hypertext Transfer
Protocol (HTTP) and Secure Hypertext Transfer Protocol (SHTTP). Secure Socket
Layer is a widely used convention for conducting business operations securely
and effectively. It is known to provide the security features of
non-repudiation, validation, encryption and trustworthiness [4]. HTTPS is used
for HTTP URLs (Uniform Resource Locators) along with SSL, whereas HTTP is used
for HTTP URLs without SSL. The Secure Hypertext Transfer Protocol caters for
secure transactions over the Internet. It assists in authentication of the
client by implementing an encryption method. SHTTP is incorporated into browsers
to cater for routine security over the Internet.

How to connect SSL to database?

To create the directory that will contain the SSL keys, perform the
following steps:

1. Log in to your server via SSH. For more information, read our SSH Access
documentation.

2. Create an SSL key storage directory that MySQL can access. For example, run the
mkdir /mysql_keys command to create a mysql_keys directory.

How SSL protocol is used for secure transaction?

SSL encrypts sensitive details such as login credentials, social security
numbers, and bank information so that unauthorized users cannot interpret and
use the data, even if they see it. The lock icon users see on SSL-secured
websites and the “https” address indicate that a secure connection is present.

System Analyses:
Secure Socket Layer (SSL) provides security to the data that is transferred
between web browser and server.

SSL is the standard technology for securing an internet connection by
encrypting data sent between a website and a browser (or between two servers). It
prevents hackers from seeing or stealing any information transferred, including
personal or financial data.
Security analysis and configuration of SSL protocol
SSL (secure sockets layer) protocol is one of the key technologies for
keeping users' data secure in transmission via the Internet. This paper analyzes
the security of the SSL protocol and proposes a new scheme of SSL protocol
configured in the Linux operating system (OS). The experimental results show
that the proposed scheme is feasible and practical as a secure solution for
Web-based communication, and that the SSL protocol is compatible with the other
protocols in the application layer via proper configuration.
I. Introduction

With the rapid development of computer networks, many sensitive messages
about military, commerce and personal communication, etc., need to be
transmitted via the Internet. The security of network communication has become
a hot issue for all computer users [1]. Therefore, many security solution
schemes have been proposed [2]–[4]. SSL (here, “SSL” refers to both the
Transport Layer Security (TLS) protocol and Secure Sockets Layer (SSL)) is the
predominant and most widely used security protocol among these solutions [5],
[6]. The SSL protocol provides a connection-oriented security framework and
mechanism for data transmission on the Internet. It realizes the security
functions of data confidentiality, message integrity and endpoint
authentication. Most developers consider the SSL protocol to be sound and secure
in practice. In addition, SSL has the benefits of implementation simplicity and
low cost. All existing application layer programs can run on SSL without
modification. So the scheme of web security communication based on SSL is
preferred among all existing solutions for protecting the security of data
transmission on the Internet.

What is SSL and how to implement it?

SSL stands for Secure Sockets Layer. It is the standard technology that
uses encryption algorithms to scramble data in transit. This keeps internet
connections secure and safeguards any sensitive data being sent between two
computers, preventing hackers from modifying or reading any information
transferred.
SSL Certificate

To implement SSL for your website, you must first get an SSL certificate.
SSL certificates are small data files that digitally bind a cryptographic key to
an organization’s details; put simply, a certificate is a paragraph of letters
and numbers that only your site knows, like a really “long password”. When
installed on a web server, it activates the padlock and the https protocol and
allows secure data transfer from a web server to a browser.

How to get SSL Certificate

Technically speaking, you can create an SSL certificate by yourself, but
the problem is that all the popular browsers check with “Certificate
Authorities” (CAs), which also have a copy of that “long password” and can vouch
for you. In order to be recognized by these authorities, you must purchase a
certificate through them.
That is why you must pay a Certificate Authority for your SSL certificate.
But before rushing to buy your SSL certificate, check with your web hosting
provider, because your web hosting package might include a free SSL certificate.

How to Install an SSL Certificate


1. Step 1: Gather Requirements.
1.1 Types of Certificates.
1.2 Commercial vs Free.
1.3 SSL in the Cloud. ...
2. Step 2: Create Certificate.
2.1 Overview of Steps.
2.2 Install Certbot Client.
2.3 Generate Certificate. ...
3. Step 3: Final Steps.
3.1 Force HTTPS.
3.2 Check Mixed Content.

Implementing SSL

After getting your SSL certificate, you have to do three more steps to
implement SSL on your website:

1. Activate the SSL certificate (Note: your web host might do this step for
you).
2. Install the certificate (Note: your web host might also do this step for you).
3. Update your site to use HTTPS.

How do you test and validate the security of your SSL implementations and
protocols?

Secure Sockets Layer (SSL) is a protocol that encrypts and authenticates
the communication between a client and a server over the internet. It is widely
used to protect sensitive data, such as passwords, credit card numbers, and
personal information, from being intercepted or tampered with by malicious
actors. However, SSL is not foolproof, and it can be vulnerable to various
attacks, such as man-in-the-middle (MITM), downgrade, and certificate spoofing.
Therefore, it is essential to test and validate the security of your SSL
implementations and protocols regularly, to ensure that they comply with best
practices and standards, and to identify and fix any potential weaknesses or
flaws. In this article, we will show you how to do that using some simple tools
and techniques.
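
One way to run such a check, as an added example that is not part of the original text: probe() performs a handshake with chain and hostname verification enabled, and assess() flags the conditions behind downgrade and certificate problems (obsolete protocol, weak cipher, expiring certificate). The function names, the 30-day threshold and the sample reports are assumptions made for this illustration.

```python
import socket
import ssl
import time

# Names as returned by SSLSocket.version(); all of these are obsolete.
OBSOLETE_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# Substrings that mark broken or export-grade cipher suites.
WEAK_CIPHER_MARKERS = ("RC4", "3DES", "DES-CBC", "NULL", "EXPORT", "MD5")


def probe(host, port=443, timeout=5.0):
    """Handshake with chain and hostname verification switched on.

    A certificate that does not chain to a trusted CA, or that was issued
    for another name, raises ssl.SSLCertVerificationError here.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return {
                "protocol": tls.version(),
                "cipher": tls.cipher()[0],
                "not_after": tls.getpeercert()["notAfter"],
            }


def assess(report, now=None, min_days_left=30):
    """Return a list of findings for one probe()-style report (empty = clean)."""
    now = time.time() if now is None else now
    findings = []
    if report["protocol"] in OBSOLETE_PROTOCOLS:
        findings.append("obsolete protocol " + report["protocol"])
    if any(m in report["cipher"].upper() for m in WEAK_CIPHER_MARKERS):
        findings.append("weak cipher " + report["cipher"])
    expires = ssl.cert_time_to_seconds(report["not_after"])
    days_left = int((expires - now) // 86400)
    if days_left < 0:
        findings.append("certificate expired")
    elif days_left < min_days_left:
        findings.append("certificate expires in %d days" % days_left)
    return findings


# Constructed sample data (not captured from any real server), so the
# assessment logic can be exercised offline.
SAMPLE_NOW = ssl.cert_time_to_seconds("Jan 01 00:00:00 2030 GMT")
SAMPLE_REPORTS = {
    "modern": {"protocol": "TLSv1.3", "cipher": "TLS_AES_256_GCM_SHA384",
               "not_after": "Mar 15 00:00:00 2030 GMT"},
    "legacy": {"protocol": "TLSv1", "cipher": "DES-CBC3-SHA",
               "not_after": "Jan 11 00:00:00 2030 GMT"},
    "lapsed": {"protocol": "TLSv1.2", "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
               "not_after": "Dec 25 00:00:00 2029 GMT"},
}

if __name__ == "__main__":
    for name, report in SAMPLE_REPORTS.items():
        print(name, assess(report, now=SAMPLE_NOW) or "ok")
```

probe() needs network access; pass its result straight to assess() to check a live server you operate.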

What is SSL in security testing?


SSL is the standard technology for securing an internet connection by
encrypting data sent between a website and a browser (or between two servers). It
prevents hackers from seeing or stealing any information transferred, including
personal or financial data.

How to Install an SSL Certificate

Introduction

With an SSL certificate, your website can use the HTTPS protocol to
securely transfer information from point A to B. This is crucial when
transferring sensitive information like credit card data on checkout pages and
personally identifiable information (PII) on login and contact forms.
In addition to security benefits, websites with SSL encryption get better
rankings on Google and improved performance through the use of HTTP/2. It’s also
important to understand that SSL does not protect your website; rather, it
protects the data that is sent through your website.
This guide is designed to show beginners and intermediate users how to add a
free SSL certificate from Let’s Encrypt on their self-hosted websites.

Step 1: Gather Requirements


It is now easier than ever to use HTTPS on your website. Beginners should
start by having a conversation with their hosting company about the options they
offer.

There are a few easy ways to add SSL to your website:

1. Some hosts offer free SSL, including one-click SSL options (e.g. SiteGround,
WPEngine).
2. Many hosts offer paid SSL and will implement the certificates for you (e.g.
GoDaddy).
3. Intermediate users can generate their own free SSL certificate (e.g. Certbot /
Let’s Encrypt).

Regardless of the type of certificate you choose, the encryption and level of
security is the same.

1.1 Types of SSL Certificates

Some visitors recognize the additional authenticity and trust offered by
extended validation (EV) and organization validated (OV) certificates due to
their rigorous validation process.

There are three types of certificates to be familiar with:


Domain Validated (DV)

DV certificates only need the certificate authority to verify that the user
requesting the certificate owns and administers the domain. Visitors will see a
lock icon in their address bar, but no specific information about the owner.

Organization Validated (OV)

OV certificates require a certificate authority to confirm the business
making the request is registered and legitimate. When visitors click the green
lock icon in their browser, the business name is listed.

Extended Validation (EV)

EV certificates require even more documentation for the certificate authority
to validate the organization. Visitors will see the name of the business inside the
address bar (in addition to clicking the lock icon); however, most updated browsers
no longer display the EV visual indicator.

1.2 Commercial vs. Free SSL Certificates


It’s important to understand the difference between commercial
and free certificates.

Commercial (paid) SSL certificates

These are a decent option for many website owners. Paying a certificate
authority (or your hosting company) will often give you the benefits of
technical support. The encryption level is the same as with free SSL
certificates. The key differentiator is the level of support you get with your
certificate.

Free SSL certificates

These are being spearheaded by the Let’s Encrypt initiative, an open
collaboration between a number of global organizations focused on making SSL
certificates accessible to all website owners.

Note

Many hosts offer specific instructions on how to deploy free SSL
certificates. Check with your host’s support channels and articles for more
information before following this guide.
1.3 SSL in the Cloud

You can also get the benefits of SSL certificates through cloud providers,
such as content delivery networks (CDNs) and website application firewall (WAF)
solutions like the one from Sucuri, who offer it at no additional charge. These
services are a proxy between the visitor and your website. By changing your
domain records to point to their servers, they can cache your content to make
your website faster and filter out malicious traffic. This also means that the
browser recognizes which server IPs are connected to your domain, allowing for
the use of DV certificates.
These providers can also work with your own SSL certificate. If you are a
Sucuri customer, you can contact our technical support team for information and
assistance.
Note

If you are implementing an SSL certificate through your host, you may
want to skip ahead to Step 3: Important Final Steps.
1.4 Getting a free SSL Certificate

The following guide works best if you have a dedicated IP for your site
(through a VPS or dedicated server). If you’re on a shared platform, talk to
your host about deploying Let’s Encrypt; a number of hosts have automated the
process of deploying a free SSL for shared hosting accounts. It is possible to use
server name indication (SNI) with one server IP address and generate certificates
for all sites on the server.
The rest of this guide will assume you have full access and control of your
web server.

You will need the following information about your server:

- IP address
- Server username (with admin or sudo privileges)
- User password (or preferably SSH key authentication)
- Software (e.g. Apache, nginx, IIS)
- Operating system and version number (e.g. Debian 7, Ubuntu 16.04, etc.)
SSH Access Through cPanel

Step 2: Generate Certificate


Now that you have all the required information, you can connect to your
server and install a tool that will generate an SSL certificate.

From your computer, you need a way to log into your server and send SSH
commands. If you are on a Mac, you can use Terminal (built-in application) and on
Windows you can download PuTTY. Some hosts also offer a web interface for
running commands on your server.

Note
The instructions will vary depending on your server software and system.
Some systems do not support Certbot, but you can find a list of other reputable
clients that should work with your server environment.

2.1 Overview of Steps


Here is a quick overview of how you can get a free SSL certificate from
Let’s Encrypt using the Certbot tool.

Overview of steps to use Certbot:

1. Connect to your server over SSH using the IP address, username, and password.
2. Visit the Certbot website and choose your server operating system and software.
3. Follow the instructions given for your server to do the next steps.
4. Run any commands listed to install dependencies.
5. Run the commands listed to install Certbot.
6. Run the commands listed to generate the certificate.
7. Provide an email address when prompted.
8. Agree to the terms when prompted.
9. Run the commands listed to test renewals under Automating Renewal.
10. Set up a cron or system job on your server to automate the renewal process.

The following images and animations illustrate the entire process for a server using
Apache on Ubuntu 16.04.

2.2 Install Certbot Client

Using the instructions provided for your server, install any dependencies and the
Certbot tool. The following images are an example of what you can expect.
Note
If you are getting permission errors, check with your host to ensure your user has
permissions to run administrative commands (i.e. sudo).

2.3 Generate SSL Certificate


Continuing with the same set of instructions, the Get Started section will
provide the commands needed to create the SSL certificate for your website. The
following images are an example of what you can expect.
Make a Secure Backup

After generating the certificate, the Important Notes section shows the
location of your Certbot configuration directory. This contains your account
credentials, certificate, and private keys.

You should navigate to this location on your server and download a backup.
If you aren’t sure how to do this, you can follow our post on how to make
backups over the command line.
2.4 Automate Renewal
Now you have an active SSL certificate on your site! Your certificate will
expire, however. Let’s Encrypt certificates are only valid for 90 days. You can
automate this process so you don’t have to remember to manually renew the
certificate.

It’s recommended to set the cron or systemd job to renew the certificate
twice a day. Before you begin, note the location of your Certbot configuration
directory from the previous step.

To schedule the cron job that renews the SSL certificate:

1. Connect to your server.


2. Run the command crontab -e
3. If prompted, choose a text editor (i.e. nano)
4. Enter the following line, taking care to replace the location with the one
provided when you generated the certificate. A crontab opened with crontab -e
has no user field, so the command follows the five time fields directly:

52 0,12 * * * /var/log/letsencrypt/certbot-auto renew --quiet


5. Open your website to verify it is operational

Note
Some server configurations may need to run additional commands to load the new
certs.
You can view the full documentation on Certbot renewals for more
information.

These charitable organizations are working to help make the internet a safer
place for everyone. While these tools are free, you can donate to help support both
Let’s Encrypt and Certbot.

1. https://letsencrypt.org/donate/
2. https://supporters.eff.org/donate/support-work-on-certbot

We’ve outlined instructions below for how to manually install a certificate
(free or paid) using a hosting control panel such as Plesk or cPanel.

How to install an SSL cert via the Plesk control panel:

1. To generate a CSR, log in to the Plesk admin control panel.


2. In the Websites and Domains section for the domain name you want to use,
click SSL/TLS Certificates.
3. Click Add SSL Certificate.
4. Enter a Certificate name, complete the fields in the Settings section, and then
click Request.
5. Click the name of the certificate you added to Plesk.
Your certificate signing request displays in the CSR section.

How to upload your SSL certificate:

1. Log in to the Plesk admin control panel.


2. In the Websites and Domains section for the domain name you want to use,
click SSL/TLS Certificates.
3. Use the Upload the certificate files section to upload the certificate files from
your local machine, and then click Send Files.

How to activate your SSL certificate:

1. Go to the Websites & Domains tab of the Plesk admin control panel.
2. In the section for the domain name you want to use, click Hosting Settings.
3. In the Security section, select SSL support.
4. Select the Certificate you created, and then click OK.

How to generate a new Certificate Signing Request (CSR):

1. Log into your cPanel admin


2. From the cPanel home page, go to Security section, and then click SSL/TLS
3. Under Certificate Signing Requests (CSR), click Generate, view, or delete SSL
certificate signing requests.
4. Complete the fields in the Generate a New Certificate Signing Request (CSR)
section.
5. At the bottom of the form, click the Generate button.
6. On the new page, your CSR will display in the Encoded Certificate Signing
Request section. You’ll need to make a copy of the CSR to request an SSL
certificate.

How to install the SSL certificate:

1. Launch cPanel admin.


2. In the Security section, click SSL/TLS.
3. Under Certificates (CRT), click Generate, view, upload, or delete SSL certificates.
4. Use the Upload Certificate section to upload the primary certificate (.crt file with
randomized name) from your local machine and click Upload Certificate.
5. On the new page, click Go Back.
6. Scroll down to the bottom of the SSL Certificates page and click Return to SSL
Manager.
7. Under Install and Manage SSL for your site (HTTPS), click Manage SSL Sites.
8. Scroll down to the Install an SSL Website and click Browse Certificates.
9. Select the certificate that you want to activate and click Use Certificate. This will
auto-fill the fields for the certificate.
10. Scroll down to the bottom of the page and click Install Certificate.
11. On the Successfully Installed pop up, click OK.

Step 3: Final Steps


While HTTPS is now an option on your site, the HTTP version of your site
can still be accessed. Ideally, you should force all visitors (including search
engines) to see the HTTPS version of your site. You should also take steps to fix
mixed content warnings and update any proxy-based cloud services (such as
firewalls and CDNs) to work with your new SSL certificate.
3.1 Force HTTPS
To force visitors to access your site only over HTTPS, you can edit
your .htaccess or web.config file depending on your operating system and
configuration. You can find this in the root of your site, and you may need to show
hidden files to find it. Make sure to backup your control files before making any
changes.

There are other methods for Apache, such as using your virtual host file. If
you use an IIS server you can follow instructions to use the URL Rewrite
Module and nginx servers can use the nginx configuration file.

Copy this directive into the .htaccess file to redirect HTTP visitors to the
HTTPS version of your site:

Code Snippet – Add into .htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteCond %{HTTP_HOST} ^(www\.)?domain\.com$ [NC]
RewriteRule ^(.*)$ https://www.domain.com/$1 [L,R=301]

Caution
Editing the .htaccess file can cause issues for sites with more complex
structures. The rewrite above works best for websites on a dedicated server or
VPS running Apache. You need to replace domain with your domain name for the
sample code to work.
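
A check for the redirect rule, as an added example that is not part of the original guide: fetch_redirect() requests a page over plain HTTP without following redirects, and redirect_problems() confirms the answer is a 301 to HTTPS on the canonical host with the path and query preserved. The function names and the sample values in the usage line are assumptions for illustration.

```python
import http.client
from urllib.parse import urlsplit


def fetch_redirect(host, path="/", port=80, timeout=5.0):
    """GET http://host/path and return (status, Location) without following it."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        return resp.status, resp.getheader("Location")
    finally:
        conn.close()


def redirect_problems(status, location, canonical_host, path="/"):
    """List what is wrong with an HTTP-to-HTTPS redirect (empty list = correct)."""
    problems = []
    if status != 301:
        # R=301 in the rule means a permanent redirect; 302 is only temporary.
        problems.append("status %s, expected 301" % status)
    if not location:
        problems.append("no Location header")
        return problems
    target = urlsplit(location)
    if target.scheme != "https":
        problems.append("scheme %s, expected https" % (target.scheme or "none"))
    if (target.hostname or "").lower() != canonical_host.lower():
        problems.append("host %s, expected %s" % (target.hostname, canonical_host))
    requested = urlsplit(path)
    # The $1 back-reference should carry the path; mod_rewrite keeps the query.
    if (target.path or "/") != (requested.path or "/") or target.query != requested.query:
        problems.append("path or query not preserved")
    return problems


if __name__ == "__main__":
    # Constructed response values; use fetch_redirect() against your own site.
    print(redirect_problems(301, "https://www.domain.com/shop?id=7",
                            "www.domain.com", "/shop?id=7"))
```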
3.2 Check for Mixed Content Warnings
While your site is now available on HTTPS, you might still have resources
linked to your website that load over HTTP. This includes things like images,
videos, and external resources.

Browsers will block this content as “unsafe”, which can also cause broken
functionality of your site and security warnings in browsers.

Examples of “Unsafe” Warnings:


You can use the same SSH access that you used to generate the certificate to
run a command and find any files that reference http:// directly.

To find resources loading over HTTP, run the following command:

grep -r "http://"
This will list all files to investigate in your server or CMS. Simply change all
resource URLs from http:// to https:// or to a relative path.

You should also query your database or manually look through posts and pages for
HTTP content. There are plugins and extensions available that can automate the
process of rewriting URLs from HTTP to HTTPS (e.g. Really Simple SSL for
WordPress).
If the HTTP resource is stored on your own website, we recommend using
the relative directory and filename as follows.

Absolute Path:

<img src="https://example.com/images/pic.jpg">
Relative Path:

<img src="/images/pic.jpg">
Resources that can cause Mixed Content Warnings:

o Web fonts
o Iframe content
o JavaScript includes
o CSS stylesheets
o Image embeds
o Video embeds
o Audio embeds
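
A plain grep for http:// also matches ordinary links, which do not trigger mixed content warnings. The following added example (not part of the original guide) parses HTML and reports only the resource types listed above when they load over http://. The class and function names and the sample page are constructed for illustration, and external .css files are not followed.

```python
import re
from html.parser import HTMLParser
from pathlib import Path

# Tag -> attribute that makes the browser fetch a subresource.
RESOURCE_ATTRS = {
    "img": "src", "script": "src", "iframe": "src", "video": "src",
    "audio": "src", "source": "src", "embed": "src", "object": "data",
    "link": "href",
}
# <link> fetches only for these rel values; rel="canonical" is just metadata.
FETCHING_RELS = {"stylesheet", "icon", "preload", "modulepreload"}
# url(http://...) in CSS: background images and @font-face web fonts.
CSS_URL = re.compile(r"url\(\s*['\"]?(http://[^'\")\s]+)", re.IGNORECASE)


class MixedContentFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []            # (line, where, url)
        self._in_style = False

    def handle_starttag(self, tag, attrs):
        line = self.getpos()[0]
        attrs = dict(attrs)
        if tag == "style":
            self._in_style = True
        attr = RESOURCE_ATTRS.get(tag)
        url = (attrs.get(attr) or "").strip() if attr else ""
        if tag == "link":
            rels = set((attrs.get("rel") or "").lower().split())
            if not rels & FETCHING_RELS:
                url = ""
        if url.lower().startswith("http://"):
            self.hits.append((line, tag, url))
        for css_url in CSS_URL.findall(attrs.get("style") or ""):
            self.hits.append((line, tag + "[style]", css_url))

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        if not self._in_style:
            return
        start_line = self.getpos()[0]
        for match in CSS_URL.finditer(data):
            line = start_line + data[:match.start()].count("\n")
            self.hits.append((line, "style", match.group(1)))


def find_mixed_content(html_text):
    """Return (line, where, url) for every subresource loaded over http://."""
    finder = MixedContentFinder()
    finder.feed(html_text)
    finder.close()
    return finder.hits


def scan_tree(root):
    """Yield (path, line, where, url) for all .htm/.html files under root."""
    for path in sorted(Path(root).rglob("*.htm*")):
        text = path.read_text(encoding="utf-8", errors="replace")
        for line, where, url in find_mixed_content(text):
            yield str(path), line, where, url


# Constructed sample page: the canonical link, the <a> link, the relative
# path and the protocol-relative iframe must NOT be reported.
SAMPLE_PAGE = """<!doctype html>
<html><head>
<link rel="canonical" href="http://example.com/">
<link rel="stylesheet" href="http://cdn.example.net/site.css">
<style>
body { background: url(http://example.com/bg.png); }
</style>
<script src="https://example.com/app.js"></script>
</head><body>
<a href="http://example.com/about">About</a>
<img src="http://example.com/images/pic.jpg">
<img src="/images/pic.jpg">
<iframe src="//video.example.net/embed/1"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for hit in find_mixed_content(SAMPLE_PAGE):
        print(hit)
```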

Caution

- If your website loads external resources, changing links to HTTPS could break the
functionality. To avoid this, make sure the resource is available over HTTPS
before changing the URL in your code. You can access the URL with HTTPS in a
browser to verify.
- If you run into issues, you can attempt to download the external content and host it
on your own server to ensure it loads over HTTPS. Always test in a development
environment for scripts and other content that could perform differently.

3.3 Search Engine Optimization


The last thing to prepare for is the potential negative impacts of using
HTTPS. Following the steps below should help to minimize them.

Once configured, add and verify the new HTTPS site in Google Search
Console. This will allow you to recrawl your site and submit a new XML sitemap
with your HTTPS URLs.

For many SEO elements like “rel=canonical” and “open graph” tags, it is
advisable to use an absolute URL, as these are read externally by social media sites
and search engine crawlers.

It’s important to note that there will be a period of normalization after
applying SSL, but in the end, it is a confirmed ranking signal according to Google.

Similarly, social sharing counters for older content will likely become
invalid. This is because now there is a new URL starting with HTTPS rather than
HTTP, and many tools count each as a separate URL with its own engagement
metrics.

SEO & meta elements to check:

o rel=canonical
o rel=alternate
o rel=next & rel=prev
o hreflang
o Open Graph tags
o Schema.org
o Structured Data
o Sitemaps
o Internal Linking

3.4 Website Security Caveat


HTTPS is a great thing for the internet as a whole: it helps keep
communication secret between users and the websites they visit. SSL secures
data in transit but does not secure the website itself.

Website security is much more comprehensive than HTTPS/SSL alone. Think of
HTTPS/SSL as one of many security controls to consider when thinking about
your website’s security. Deploying HTTPS/SSL on your website does little to
ensure your visitors are safe if you do not take steps to establish a secure
hosting environment, such as using secure passwords and updating all website
software.
We encourage website owners to think about website security holistically
and consider leveraging a website security platform that offers a complete suite
of security controls: protection, detection, monitoring, and incident response. If
you have more questions on how platforms work or questions about this article,
please direct them to our team at [email protected].

Notes:
- Cater: to supply food
- Vouch: to guarantee someone
- Decent: acceptable
- Reputable: of good reputation
- Prompted: asked, required
- Enrolled: registered
