World Class Web Hosting
+1.877 724-7638

my pair account webmail

my pair account

forgot password?

Web hosting services

 

about pair Networks

 

Knowledge Base

Search

System Notices

Contact Us

pairNIC Support

blog.pair.com

Call Us

  • +1.877 724-7638
  • +1.412 381-7247

Fax

  • +1.412 381-9997

E-mail Us

Web contact forms

Mailing Address

  • pair Networks, Inc.
    Suite 210
    2403 Sidney Street
    Pittsburgh, PA 15203-2168

support - knowledge base

 

Our Network and Servers - Secure Server (SSL) Information

SSL, which stands for Secure Sockets Layer, is a protocol that allows traffic between a Web server and client (ie, the browser) to be strongly encrypted, using public key technology.

Access to a SSL-enabled server is made through URLs that begin with "https:" rather than "http:" The secure connection is made on port 443 rather than port 80, and all traffic in both directions is encrypted. The secure server must present a digital certificate before the connection will be trusted by the client.

At pair Networks, we operate dozens of secure servers. Most of them, known as ssl.pair.com, ssl2.pair.com, and so forth, are used for those who have requested the SSL add-on for their account. Several others are used for the account types that include bundled SSL access (Developer and Commerce).

Our secure services are provided by using the Apache Web server with the mod_ssl module.

Common Misconceptions About Secure Services

  • SSL is for credit card purchases. - Although the submission of credit card information is one of the most popular uses of SSL, there is no special relationship between SSL and credit cards. SSL does not provide for credit card processing in any way; it merely encrypts data during transit.

  • A secure certificate is required. - Our normal setup for SSL provides you with use of an area under https://ssl#.pair.com/ (or other pair URL), which uses our own certificate. Certificates are specific to a host name. If you need secure service under your own domain name, such as https://www.example.com/, you will need to purchase your own certificate from a certificate authority. pair Networks offers secure certificates through pairSSL.com.

  • The secure server delivers encrypted data to your CGI script. - When data "comes out of" the secure server on the local side, it is unencrypted. As far as a CGI script can tell, there is no difference between secure and regular Web servers.

  • Once the data has been delivered, it is "safe". - One of the most common mistakes is to take secure data and re-send it through e-mail, or even to store it unencrypted on the server. To provide a reasonable degree of security, secure data should immediately be re-encrypted as soon as it is received from the secure server. We realize that many, many sites, including large corporate sites, do not take these precautions. But do you want to give that to your customers as an excuse when their information gets stolen?

To provide for safe re-encryption of secure data once it is received from the secure server, we recommend the use of GnuPG (Gnu Privacy Guard). GnuPG version 1.4.5 is installed on all of our servers.

Shortcut To This Article: http://kb.pair.com/h5