2017 Petya, Cyber Security News. SSL industry news: technologies, rules, problems, attacks. Ukraine

Ukrainian Symantec Partner

2017 HTTPS technologies
SSL industry news



SSL and HTTP news as of 22 August 2017

02/08/2017 adgrafics

Rather than operating as separate units (Symantec Cert + SubCA DigiCert), the decision was made to work as a single team under unified leadership, in order to fully own and manage the PKI solutions, technologies, brands, infrastructure, personnel and office premises, to support growth and guarantee high product quality, and the proprietary information relating to the website and Internet of Things business unit.

31/07/2017 DigiCert to Acquire Symantec’s Website Security and Related PKI Solutions

Symantec Corp. (NASDAQ:SYMC), the world’s leading cyber security company, and DigiCert Inc., a leading provider of scalable identity and encryption solutions for the enterprise, today announced an agreement under which DigiCert will acquire Symantec’s Website Security and related PKI solutions. Under the terms of the agreement, Symantec will receive approximately $950 million in upfront cash proceeds and approximately a 30 percent stake in the common stock equity of the DigiCert business at the closing of the transaction. Press release here >>>

31/07/2017 adgrafics

https://www.facebook.com/photo.php?fbid=1391936254205286&set=a.640333426032243.1073741826.100001667733499&type=3&theater

Everything is fine with Symantec ;) The hysteria was whipped up by Russia with the help of paid-for articles by "specialists" in trade publications and the press, out of "resentment" toward Symantec over its refusal to issue certificates for Crimea, and the desire of other Certificate Authorities to exploit the situation and poach customers turned out to be a dud ;) In reality the situation is part of the normal working process:

1) To rule out any chance of certificates issued under the PKI inherited from VeriSign being used in production, Symantec is reissuing certificates issued before 1 July 2016, while Google and Firefox are building a protection mechanism into their browsers so that this cannot happen.
2) After the purchase of VeriSign the time has come to replace the root certificates and the PKI, so their replacement is planned for the near future.
3) And this one for dessert ;) The CA/B Forum is introducing a limit on the lifetime of all certificates: 2 years maximum.

So everything is A-OK! Russia barks, but the caravan moves on ;) And by and large, 99.9% of users need not do anything at all ;) because their certificates issued before 1 July 2016 will simply expire by 17 April 2018 and will be gone completely by 23 October 2018... whenever that may or may not be ))) https://groups.google.com/a/chromium.org/forum/…

20/07/2017 Symantec’s Agreement to Acquire Fireglass: Creating More Opportunities for Partners

The acquisition, which is expected to close this Fall, adds valuable new capabilities to our Secure Web Gateway and Email Gateway offerings that increase your customers' protection against web-borne threats.

13/07/2017 adgrafics

Due to a technical necessity that has arisen, for the certificate to work correctly in the Chrome browser it is advisable to reissue and reinstall current Symantec Group SSL certificates before 8 August.

To do this:
1) Log in to your Symantec account: https://products.websecurity.symantec.com/orders/orderinformation/authentication.do
--> Reissue certificate
--> Reissue without changing the values of the additional domains: enter the old or a new CSR and tick the box "I accept the terms of the SSL certificate subscriber agreement"
--> Submit
2) Once you have received the new certificate, install it on the server and check it at https://proverkassl.com

Or send us the CSR and we will reissue the certificate for you.

* Reissuance is free of charge.

13/07/2017 Symantec

Symantec Website Security has been in discussions with the browser community regarding their proposed treatment of our SSL/TLS certificates. In our most recent response, we highlighted that the timing laid out by Google’s latest proposal is not achievable. One aspect of Google’s proposal is that starting August 8, 2017, Chrome would gradually begin mistrusting all Symantec and all GeoTrust, Thawte and RapidSSL branded certificates issued before June 1, 2016. FAQ – Google Proposal Certificate Reissuance

30/06/2017 Symantec Cyber Security News

Malware
The number of new malware variants decreased slightly in May, with 76.7 million variants. The email malware rate increased again in May, coming in at one in 422 emails. The return of the Necurs botnet near the end of March may be to blame for the increase in activity. However, the rate is still well below the rates seen throughout 2016.

Web Attacks
The number of web attacks blocked increased again in May, up from 1,038,000 per day to 1,266,000 per day. This is the highest web attack activity seen since November, 2015. The RIG toolkit was the most active web attack toolkit, comprising 28.4 percent of all toolkit activity in May. However, this is down 1.1 percentage points from April.

Mobile and Social Media
Manual sharing continues to dominate social media scams, though it dropped 5.59 percentage points in April to 86.05 percent. Like Jacking increased 3.19 percentage points during the month of April, up from 6.35 percent in March to 9.54 percent.

Spam
The global spam rate decreased slightly in May, to 54.1 percent, down 0.1 percentage points from April. The Construction sector claimed the highest spam rate, increasing 0.2 percentage points to 59.9 percent. At 57.9 percent, the Mining sector came in second place, up 0.1 percentage points.

Phishing
The phishing rate increased again in May, up to one in 2,998 emails. This is the highest rate seen since November 2016, and follows three months of relatively low phishing activity. Phishing rates increased across most industries, with the Services sector having the highest rate.

28/06/2017 adgrafics


The Network Intrusion Prevention (IPS) technology available in Symantec Endpoint Protection (SEP) and Norton products proactively protects customers against attempts to spread Petya using the Eternal Blue exploit. Eternal Blue exploits a Microsoft vulnerability that was patched by Microsoft in March 2017 – see MS17-010 for details. Symantec encourages all customers to update with this patch. SONAR behavior detection technology also proactively protects against Petya components. Symantec products also detect Petya infections as Ransom.Petya.

What are the details of Symantec's protection?
AV Coverage

  • SEP 14 ONLY - Heur.AdvML.B (aka ML.Attribute.HighConfidence)
  • SEP 12 and 14 - Ransom.Petya coverage available in Virus Definitions 20170627.0 (RR:186081) Published at (11:35 am)
  • Additional variant detections available in Virus Definitions 20170627.016 (RR:186082)
  • Initial coverage available in certified Defs MDD2 expected to release for SEP on June 27, at 7:00PM PDT, all other products at 9:00PM PDT

IPS Coverage:
  • OS Attack: Microsoft SMB MS17-010 Disclosure Attempt (released May 2, 2017)
  • Attack: Shellcode Download Activity (released April 24, 2017)
  • Sonar: SONAR.Module!gen3

Please note this is an evolving situation. Symantec is continuing to analyze this threat and will post further information to the Symantec Security Response blog as soon as it becomes available. You can also follow our Symantec Security Response Twitter account @ThreatIntel for the latest updates.


26/06/2017 adgrafics

Two months following the release of the initial proposal, Google and Symantec, with input from the rest of the Internet community, seem to have arrived at a common solution. On May 19, 2017, Google proposed an updated plan that would require Symantec to implement some significant changes to the way they operate their Certificate Authority (CA). In return, Google would continue to support Symantec certificates in their Chrome browser.

05/06/2017 Symantec

Browser reactions to SSL certificates: Examples of recent browser UI security indicators

05/06/2017 Symantec

The current plan, in line with the proposal by Google, would ensure that EV status remains for EV certificates, allows Symantec to offer certificate validity in line with expected industry standards, and allows customers the same experience they use today (management console, APIs, etc.). In addition, while we would partner with other CAs for parts of our CA operations, Symantec would continue to provide our customers the 9 additional or proprietary checks that result in the enhanced authentication you have come to expect. Symantec’s Response to Google’s subCA Proposal

29/05/2017 Symantec Cyber Security News

This month’s Symantec Website Security Status email features updates on the Cyber Security Landscape. This information comes from Symantec’s Global Intelligence Network (GIN). For more information, visit: https://www.symantec.com/security_response/publications/monthlythreatreport.jsp

Malware
The number of new malware variants increased in April, reaching 81 million for the month. The email malware rate also increased in April, coming in at one in 482 emails. The return of the Necurs botnet near the end of March may be to blame for the increase in activity during April. However, the rate is still well below the rates seen throughout 2016.

Web Attacks
The number of web attacks blocked almost doubled in April, up from 584,000 per day to 1,038,000 per day. This is the highest web attack activity seen since January, 2016. The RIG toolkit was the most active web attack toolkit, comprising 29.5 percent of all toolkit activity in April. This is up 15.9 percentage points from March.

Mobile and Social Media
Manual sharing continues to dominate social media scams, though it dropped 5.59 percentage points in April to 86.05 percent. Like Jacking increased 3.19 percentage points during the month of April, up from 6.35 percent in March to 9.54 percent.

Spam
The global spam rate increased in April, to 54.2 percent, up 0.4 percentage points from March. The Construction sector claimed the highest spam rate, increasing 1.8 percentage points to 59.7 percent. At 57.8 percent, the Mining sector dropped to second place, down 1.2 percentage points.

Phishing
The phishing rate increased in April, up to one in 5,611 emails. Phishing rates increased across all industries and all organization sizes during the month of April.

16/05/2017 Symantec

Symantec Blocks 22 Million Attempted WannaCry Ransomware Attacks Globally. More info: https://www.symantec.com/about/newsroom/press-releases/2017/symantec_0515_01

15/05/2017 Symantec

WannaCry is being called the largest cyber-security attack. Our solutions blocked 99.999% of WannaCry ransomware attacks. Users who have installed the MS17-010 security update for Windows are not vulnerable to this threat. For more details, see the attached fact sheet, and you can learn more about WannaCry on our Security Response blog: https://www.symantec.com/connect/blogs/what-you-need-know-about-wannacry-ransomware

05/05/2017 adgrafics

Full text of the Google and Mozilla exchange on the Symantec blog

Key points:

1. We are confident in our issuance processes and in the additive protection measures already in place, so we are conducting extensive audits that will be made public, as stated in our proposal. We have proposed audits that go far beyond the traditional WebTrust audits for CAs and the Baseline Requirements.
For EV certificates, we will have an external auditor check 100% of active EV certificates. We are confident in our processes, and a full, detailed external audit is the best mechanism we know of to demonstrate this.
For our SSL/TLS RA program, we took the most conservative action: we shut it down.

2. We consider outsourcing Symantec's SSL/TLS issuance to third parties unjustified and disproportionate to the actual or perceived risk, which is mitigated under our proposal.

3. Given how difficult it currently is for many of our customers to implement a replacement cycle for short-lived certificates, we have proposed revalidating all of our certificates within 9 months.

4. We urge the community to consider the objective, comparative results of our processes against those of others, along with the merits of our proposal. It is important that any actions taken by Google and Mozilla are not excessive and do not lead to unnecessary business disruption for the customers and site users who rely on Symantec SSL/TLS certificates.

05/05/2017 adgrafics

Certificate Transparency Deadline Moved to April 2018

04/05/2017 adgrafics

Starting 8 September, all CAs will be required to check and honor a domain's CAA records. The CAB Forum approved this measure last month.

* Certification Authority Authorization (CAA) is an additional security measure that website operators can use to protect their domain against mis-issuance. It lets domain owners specify which certificate authorities (CAs) may issue certificates for their websites. CAA is configured as a DNS record. Domain owners who want to use CAA create a record listing the certificate authorities that may issue certificates for them. When any CA receives a certificate request, it checks the domain's CAA record to see whether it is an approved issuer. It must refuse to issue the certificate if it is not a listed CA. If the domain has no CAA record, any CA may issue a certificate.

04/05/2017 Symantec

Cyber Security News
This month’s Symantec Website Security Status email features updates on the Cyber Security Landscape. This information comes from Symantec’s Global Intelligence Network (GIN). For more information, visit: https://www.symantec.com/security_response/publications/monthlythreatreport.jsp

Malware
The number of new malware variants decreased to 77.5 million in March. However, this is still significantly higher than the December-January period. The email malware rates so far in 2017 are much lower than previous months. However, the return of the Necurs botnet near the end of the month may result in an increase in activity during April.

Web Attacks
The number of web attacks blocked increased in March to 584,000 per day. This is the highest amount of web attack activity seen since July, 2016. The RIG toolkit was the most active web attack toolkit again, comprising 13.6 percent of all toolkit activity in March. However, this is down 11.4 percentage points.

Mobile and Social Media
Manual sharing continues to dominate social media scams, increasing 3.86 percentage points in March to 91.64 percent. Like Jacking decreased 3.05 percentage points during the month of March, down from 9.4 percent in February to 6.35 percent.

Spam
The global spam rate increased slightly in March, to 53.8 percent, up 0.1 percentage points from February. The Mining sector claimed the highest spam rate, though it decreased 0.3 percentage points to 59 percent.

Phishing
The phishing rate saw further decreases in March, down to one in 9,138 emails. At one in 8,304 emails, businesses with less than 250 employees had the highest phishing rate this month.

27/04/2017 adgrafics

Symantec's response to Google's proposal

13/04/2017 adgrafics

There is a fundamental difference between "Secure" and "Secure site" ;) The greatest analyst and psychologist, clever Google, slipped up for reasons unknown, and as a result replacing the padlock with the label "Reliable" in Chrome led to a rise in attacks and to ordinary users being deceived. Some analysis here: https://news.netcraft.com/archives/2017/04/12/lets-encrypt-and-comodo-issue-thousands-of-certificates-for-phishing.html

14/04/2017 Symantec: Changes to Authenticated Data Re-Use Policy

The CA/Browser Forum recently passed Ballot 193, which does the following:

  • Effective almost immediately (April 22, 2017) - Reduces the length of time that authenticated information can be re-used to authenticate subsequent certificates, from 39 months to 27 months (825 days). New, renewal, and replacement certificates will be subject to this change from April 22, 2017. This deadline may change, and if it does we will notify you.
  • Effective March 1, 2018 - Decreases the maximum validity period of SSL/TLS certificates to 27 months (825 days). Symantec will notify you when we plan to stop supporting 3 year certificates.

! Important note: This is an industry-wide change required of all Certificate Authorities.

What you need to know about changes to the authenticated data re-use policy:

Existing certificates are not affected. The authentication work is already complete and no action is necessary.

Reissue (replacement) certificates:

  • DV: DV certificate reissues currently undergo domain validation; thus, there is no impact to DV certificate reissues.
  • OV: Some OV reissues may not instantly issue in the event that the authenticated data used to approve the original certificate is older than 825 days or is otherwise no longer valid. In some cases, reissues will undergo authentication, though many reissues will continue to be instantly issued.
  • EV: EV reissues are not impacted. Currently, EV reissues are quickly approved (though not instantly), and this will continue to be the case.

Renewal certificates: Certificate renewals will continue to leverage existing authentication and automation whenever possible, and in many cases will be quickly approved. However, with the shorter validity of authenticated data (27 months), renewals will more frequently require re-authentication.

05/04/2017 adgrafics

Due to the latest changes in the CA/B requirements, we are updating our SSL certificate issuance policy and procedures to meet 2 important mandatory requirements.

  1. A maximum validity period of 825 days (27 months) for all SSL certificates from 1 March 2018.
    Starting 20 April 2017, adgrafics will no longer offer certificates with a 3-year validity period, in order to limit the impact on our customers after 1 March 2018.
  2. A requirement that domain and organizational vetting must be completed in the 825 days (27 months) prior to issuance/reissuance of the certificate (previously this time period was 39 months).

Please note: there is no impact on customers ordering new certificates; however, when certificates are reissued or SAN domains are added or removed, the term will be cut to 27 months.

For previously issued 3-year DV SSL certificates:

  • Scenario 1 - Effective 1 March 2018. The user reissues a certificate with more than 27 months of validity remaining:
    Result: the certificate will be shortened to 27 months, since that is the maximum allowed validity period.
  • Scenario 2 - Effective 20 April 2017. The user attempts to reissue a three-year certificate after 27 months:
    Result: since domain validation must have been completed within the previous 27 months, attempts to reissue the domain-validated certificate will be rejected. This means that from 20 April 2017 any reissue request for a three-year SSL certificate made more than 27 months after its issuance will be rejected.

For previously issued 3-year OV SSL certificates:

  • Scenario 1 - Effective 1 March 2018. The user reissues a certificate with more than 27 months of validity remaining:
    Result: the certificate will be shortened to 27 months, since that is the maximum allowed validity period.

For previously issued 3-year EV SSL certificates: no problems ;)

27/03/2017 Symantec

Google’s blog statements about our issuance practices and the scope of our past mis-issuances are exaggerated and misleading. more >>>

07/03/2017 Symantec

By April 2017, we will decommission the "Legacy" timestamping service.
(Legacy) RFC 3161 Service SHA128: https://timestamp.geotrust.com/tsa
To support business continuity for our customers, we have provided the following replacement services. All Code Signing customers must migrate to the "new" service URLs by March 31, 2017 in order to avoid service disruption (see below).

(New) RFC 3161 Service SHA256: http://sha256timestamp.ws.symantec.com/sha256/timestamp

Important: Customers must leverage SHA256 Timestamping service going forward, and should not use a SHA1 service unless there is a legacy platform constraint which doesn't allow use of SHA2 service (in this case you can use this new URL: RFC 3161 Service SHA128: http://sha1timestamp.ws.symantec.com/sha1/timestamp).

Background and Key Industry Mandates affecting the Timestamping services

  • To comply with Minimum Requirements for Code Signing (CSMRs) published by CA Security Council and Microsoft Trusted Root Program Requirements (section 3.14), Symantec has set up the "new" RFC 3161 (SHA1 and SHA2) service as per specifications and requirements laid out by section 16.1 which requires FIPS 140-2 Level 3 key protection.
  • In the near future, Oracle will be taking steps to remove SHA1 support for both Java signing and timestamping. This will not impact Java applications that were previously signed or timestamped with SHA1 as these will continue to function properly. However, Java applications signed or timestamped with SHA1 after Oracle's announced date may not be trusted.

02/10/2017 adgrafics

Starting in September 2017, all CAs will be required to check and honor CAA records. Before this requirement, CAs implemented CAA checking on an opt-in basis, which meant that CAA offered no real protection to server operators. With all CAs checking CAA records, a server operator can restrict their universe of known certificates to a few CAs (or a single one).
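The CAA check described in this note and in the 04/05/2017 note, as an added example (not code from adgrafics, Symantec or any CA). It goes beyond the text by also handling wildcard requests (`issuewild`), the critical flag and lookup on parent domains as defined in the CAA specification (RFC 6844), with CNAME handling left out; the zone data, domain names and CA identifiers are constructed.

```python
"""CAA issuance decision over a constructed in-memory zone (no DNS queries)."""

# Constructed sample data: owner name -> CAA records as (flags, tag, value).
# All domains and CA identifiers below are made up for this example.
SAMPLE_ZONE = {
    "example.com": [(0, "issue", "ca-one.example"), (0, "issuewild", ";")],
    "shop.example.com": [(0, "issue", "ca-two.example; account=12345")],
    "locked.example.org": [(0, "issue", ";")],
    "strict.example.net": [(128, "futuretag", "x"), (0, "issue", "ca-one.example")],
}

KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CRITICAL = 128  # issuer-critical flag bit


def relevant_record_set(zone, fqdn):
    """Walk from fqdn up toward the root; return the first CAA set found."""
    labels = fqdn.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        name = ".".join(labels[i:])
        if zone.get(name):
            return name, zone[name]
    return None, []


def issuer_domain(value):
    """'ca.example; account=1' -> 'ca.example'; ';' -> '' (nobody)."""
    return value.split(";", 1)[0].strip().lower()


def may_issue(zone, requested_name, ca_domain):
    """Return (allowed, reason) for the CA identified by ca_domain."""
    wildcard = requested_name.startswith("*.")
    fqdn = requested_name[2:] if wildcard else requested_name
    found_at, records = relevant_record_set(zone, fqdn)
    if not records:
        # Matches the page: no CAA record means any CA may issue.
        return True, "no CAA records on the name or its parents"

    # A critical property the CA does not understand forces a refusal.
    for flags, tag, _ in records:
        if flags & CRITICAL and tag.lower() not in KNOWN_TAGS:
            return False, f"critical unknown tag '{tag}' at {found_at}"

    issue = [v for _, t, v in records if t.lower() == "issue"]
    issuewild = [v for _, t, v in records if t.lower() == "issuewild"]
    # issuewild, when present, replaces issue for wildcard requests only.
    applicable = issuewild if (wildcard and issuewild) else issue
    if not applicable:
        return True, f"CAA set at {found_at} does not restrict this request"

    if ca_domain.lower() in {issuer_domain(v) for v in applicable}:
        return True, f"{ca_domain} is authorized at {found_at}"
    return False, f"{ca_domain} is not authorized at {found_at}"


if __name__ == "__main__":
    requests = [
        ("www.example.com", "ca-one.example"),
        ("www.example.com", "ca-two.example"),
        ("*.example.com", "ca-one.example"),
        ("shop.example.com", "ca-two.example"),
        ("locked.example.org", "ca-one.example"),
        ("strict.example.net", "ca-one.example"),
        ("unlisted.example.info", "ca-two.example"),
    ]
    for name, ca in requests:
        allowed, reason = may_issue(SAMPLE_ZONE, name, ca)
        print(f"{name:24} {ca:16} {'ISSUE' if allowed else 'REFUSE'}  {reason}")
```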

02/02/2017 Symantec

To reduce the chance of issuing certificates to malicious Certificate Authority Security Council (CASC) require that Symantec:

  • Follow a strict and standardized identity verification process to authenticate publishers
  • Check all Code Signing orders against lists of suspected or known malware publishers
  • Check all Code Signing orders that were previously revoked by Symantec where the certificates were used to sign suspect code.

Symantec has also introduced a 'Certificate Problem Reporting' system for both Symantec and Thawte Code Signing certificates which will allow third parties like malware organisations and software suppliers to report issues relating to key compromise, certificate misuse and possible fraud. Under the new arrangement, once Symantec receives a request, we will either revoke the certificate within forty eight hours, or alert the requestor that we have started an investigation.

Symantec has enhanced our timestamping services for our Code Signing customers to meet the new requirements. More information can be found in the following KB articles for Microsoft Signing and Java signing, which will be made available to all customers. The main benefit of using a timestamp is that the signature does not expire when the certificate does, which is what happens in normal circumstances. Instead, the signature remains valid for the lifetime of the timestamp, which can be as long as 135 months.

Symantec has published a set of guidelines on private key protection best practices for Symantec and Thawte Code Signing certificates which must be reviewed and accepted by subscribers as part of the enrollment process. These guidelines make recommendations regarding the secure storage of private keys to mitigate against the risk of potential vulnerabilities, however it is important to call out that Code Signing minimum requirements published in December stop short of mandating that an OV Code Signing certificate must be stored on a FIPS 140-2 Level 2 HSM or equivalent on premise hardware.

03/01/2017 Code Signing Working Group

The Code Signing Working Group recently released the first-ever standardized guidelines for Code Signing. These guidelines are managed by the Certificate Authority Security Council (CASC) and were created to ensure all Certificate Authorities (CAs) adhere to the same set of standardized issuance and management policies. You can read the full requirements in the official documentation here >>> With the release of these guidelines, Microsoft will be the first platform to adopt the Minimum Requirements and has set a compliance deadline of February 1, 2017.

  1. Offering a standard Multi-Platform Code Signing Certificate for use with all platforms (Microsoft Authenticode, Adobe Air, Apple, Mozilla & Netscape Objects, Macros & VBA).
  2. Providing a USB Hardware Token ( FIPS 140-2 Level 2 HSM ) with all standard Multi-Platform Code Signing Certificates for storage of private keys
  3. Including State and/or Location as a mandatory field within the ordering process to be included within the Certificate Distinguished Name "SubjectDN" field.

01/01/2017 Google Chrome 56

Overview
To help users browse websites more securely, Google has announced that the January 2017 release of its Chrome browser will mark all unencrypted HTTP sites as “not secure” in the browser URL. This is part of Google’s plan to discourage use of sites that don’t use appropriate security measures and to transition web traffic from potentially insecure HTTP to the safer alternative HTTPS sites.

Why is Google making this change?
Current versions of Google Chrome cannot indicate whether HTTP connections are secure. This means that when users access a site using HTTP, a hacker could intercept login information, passwords or payment data, increasing the opportunities for fraud. A recent Google study identified that the current neutral indicator in the web browser has little impact on users, and a “not secure” warning is more effective. In labelling HTTP sites more clearly and accurately Google aims to give users more reassurance when using certain websites. Ultimately, Google plans to label sites that continue to use HTTP with a red warning triangle to indicate that these sites are not functioning securely.

When does this change take place?
Beginning in January 2017, Google’s Chrome 56 browser will label HTTP pages that include sensitive information, such as password or credit card fields, as “not secure”.

Why transition to HTTPS?
HTTPS ensures that when a user accesses a website, this data is encrypted using the Secure Sockets Layer (SSL) protocol or the more modern version, Transport Layer Security (TLS) protocol. In order to implement HTTPS, site owners must obtain a trusted digital certificate for each of their sites. Google reports that HTTPS usage is increasing substantially and that a significant portion of web traffic has transitioned to HTTPS to date.

What are the benefits of encrypting my website?
HTTPS offers many advantages over HTTP, including powerful new features and better performance:
• Always-on SSL (AOSSL): a practical best practice to protect user data and ensure a site’s pages, cookies, APIs, and sessions are secure
• SEO benefits: Google’s search engine algorithms boost rankings of sites that use HTTPS encryption
• Performance: encrypted sites get the performance enhancements that come with HTTPS and performance is a significant search engine ranking signal
• Control: Third parties and Wi-Fi hot spots can insert ads on web pages, potentially slowing site performance and messing up the user experience
• Credibility: the reassurance of encryption to users should not be underestimated. Visual trust cues can help reduce bounce rates, abandoned shopping carts, and improve trust

Is the change in Google Chrome relevant to individual pages or the entire site?
Browsers are looking at pages, so as pages appear they examine them for password or credit card fields. If these fields are present, the site will be flagged. If no fields are present, the site is not flagged. Any pages within the site that are flagged need encryption to prevent browser warnings indicating the page is not secure.

My site isn’t ecommerce, why is this important?
As Google Chrome marks all pages with the insecure warning, it leads to a negative impact on the user experience, whether or not encryption is needed in the same fashion as an ecommerce site. Considering this is a browser change that affects all types of sites, it’s not just for ecommerce.

Will my internal pages, not accessible to the general public, be subject to the same warning messages?
This is a change controlled at the browser level, not at the user level. So, you’ll still have the error messages for internal sites lacking HTTPS, which could cause confusion for users within your internal environment(s).

How can I prioritize which pages to secure?
At a minimum, start with password and credit card pages as we know these are pages that will be impacted by this change. Then, begin looking at other pages. A best practice for prioritization purposes would be to address the pages on your site with the highest traffic, as these will be visited the most and have the highest chance of a negative user experience when error messages are displayed.

Speaking of Google, will not having HTTPS impact my search ranking?
Yes, sites with HTTPS are given preference in search rankings (which has been widely publicized), so it goes to show that using HTTPS is important for your SEO activities.

What can I do next to secure my website?
We partner with Symantec, whose AOSSL security offerings for small and mid-size businesses deliver world class security, helping to prevent cyber-attacks and other repercussions. Providing a prescriptive approach and practical step by step advice, our partnership with Symantec can support your business by securing the exchange of digital information across the web. This means your customers can be confident that their interactions with your website are secure and that they are receiving an optimal user experience. 



Copyright © 1997-2017 adgrafics