20 Dec

Google abandons SHA-1 encryption soon!

Google abandons SHA1 encryption soon!

Google handles well his security plan on the web and it seems to stick to it. Google waits hardly a week between each announcement of a new measure to increase the security or change an aspect of it. When it is not on its search engine, it is on Chrome, its flagship browser.

Websites and browsers encryptent data exchanged between them. A digital signature is created for each data packet to ensure that these data are not altered when transiting servers to servers.

The SHA-1 type of encryption for security certificates has some weaknesses and recommendation made by security authorities in 2011 was to abandon it on 1st January 2016.

Google will go in that sense, and in the course of January 2016, the release of Chrome 48 will present an error when you browse a Web site only with the SHA-1 encryption type.

The error should look like this:

SHA-1 encryption type error

In addition, on 1 January 2017 it will no longer be an alert to be displayed but an error that will completely block the possibility of visiting the site.

Make sure your web hosting company offers a ready SHA-2 environment for 2016 , such as Internet Cloud Canada which has already made the move since a while! Otherwise, your websites will display errors and of course you will lose the trust of your customers because they will not not buy or look at an insecure website!

Share this
18 Dec

Google indexes more intensely HTTPS pages

Google indexes more intensely HTTPS pages

Google announced that the HTTPS pages will be better ranked and prefered according to certain criteria in the positioning of research results. A website secured by a security certificate will benefit from better visibility in the Google search engine.
This process was initiated but it is clear that a visitor must have a private and secure relationship between him and the website. Google will index the default HTTPS pages using the following criteria:

 

– It doesn’t contain insecure dependencies.
– It isn’t blocked from crawling by robots.txt.
– It doesn’t redirect users to or through an insecure HTTP page.
– It doesn’t have a rel=”canonical” link to the HTTP page.
– It doesn’t contain a noindex robots meta tag.
– It doesn’t have on-host outlinks to HTTP URLs.
– The sitemaps lists the HTTPS URL, or doesn’t list the HTTP version of the URL
– The server has a valid TLS certificate.

 

This may seem like a lot of criteria, but in fact it is more exceptions than actually criteria because few pages are in this situation unless you decided it.

We must therefore now obtain an SSL certificate and switch to a HTTPS website to offer a better user experience and SEO results!

Share this
09 Dec

News : Fast way to Protect Your Website!

news : fast way to protect your website

If there is a topic in the news that is important, it is to protect your website from threats and attacks on the network.

Although it is possible to reduce risk, it remains difficult to annihilate them. We must therefore think in terms of protective layers, one serving to reinforce the other. Again, for novices or when the budget is not at the rendezvous, it may seem difficult. Therefore, we recommend the following measures which they are acessible to everyone!

Quick and easy precautions:

SSL Certificate

The fastest and effective way to build your online security is to add an SSL security certificate. This level of encryption allows you to secure exchanges between your server and visitors.

This is required especially when it comes to sensitive information exchange, passwords or even treating some online forms with personal information.

Safety Certification solutions are not as expensive as before. Depending on your business, there are solutions for under $ 100 / year that will fully protect you.

 

Update

Updating the server that serves your files is also something on the first line of defense. Choose a web hosting company that puts the updates in the foreground!

 

Directory Tree and folder names

The website creation is a science where developers often use the same ways of doing things. Ask or make sure that administrators are accessing in directories by another title as “admin” or “wp-admin” if you are using WordPress.

When it comes time to choose your password, avoid “admin” and choose an alphanumeric password that you change regularly.

 

Firewall

A firewall is the first line of defense between the Internet and your server. There are as many versions of software than hardware that makes this work. We nevertheless suggest the WAF (Web Application Firewall). They are deployed in front of your server as a gateway, restricting bad web traffic and filtering your network. There are very useful against DDOS attacks. This solution provides for a few dollars a month, the peace of mind!

 

Whatever your decision, if you implement one or the other or all of these suggestions, you will have a more secure environment for your website!

Share this

© 2018 Internet Cloud Canada.Tous droits réservés. (Sitemap).