website security – Domain.com | Blog https://www.domain.com/blog Tue, 13 Apr 2021 18:41:20 +0000 en-US hourly 1 https://wordpress.org/?v=5.5.3 https://www.domain.com/blog/wp-content/uploads/2021/03/favicon.png website security – Domain.com | Blog https://www.domain.com/blog 32 32 How to Build Trust with eCommerce Buyers This Holiday Season https://www.domain.com/blog/optimize-site-holiday-ecommerce/ https://www.domain.com/blog/optimize-site-holiday-ecommerce/#respond Mon, 26 Oct 2020 09:00:00 +0000 https://www.domain.com/blog/?p=3834 Continue Reading]]> 2020 has taught most businesses how to tackle uncertainties. Even as the economy gradually opens up, several companies are struggling to get back on their feet as they face fluctuating demand, limited operations, and ever-changing regulations.

Many have used this time to strengthen their eCommerce operations as more and more people resort to online shopping. And with the holiday season upon us, this trend is gaining more traction.

According to a 2020 holiday predictions survey, 85% of the retailers interviewed estimated that online sales will increase in this holiday season as compared to 2019 and 55% said they are investing more in upgrading their eCommerce platforms.

It’s evident that this holiday season will take the competition to the next level while also posing new challenges for businesses to keep up with the increase in demand, handle shortages created by reduced scale of operations and, most importantly, build trust with new and existing customers.

This, in fact, is the perfect opportunity for businesses to gain the loyalty of wary online shoppers through a fulfilling and secure shopping experience.

Build Trust with Your eCommerce Customers.

Whether you’re a seasoned eCommerce company or have recently started your online store, these five trust-building tips will help you make the most of this pandemic-fraught holiday season.

1. Reassure customers about safety

The pandemic has everyone on the edge about the transmission of COVID-19 through physical contact. Physical distancing rules are either firmly in place or strongly recommended. Several companies have come up with a strict contact-less delivery policy to allow people to reap the benefits of home delivery without hesitation.

If your business has such a policy in place, along with other rules of how products are handled from packing to delivery and safety measures followed in your workplace, such as wearing of gloves, masks, and other protective equipment, make sure you communicate them clearly to your customers.

A great idea is to send an email about it to all of your subscribers to show them that their safety is your primary concern.

Moreover, communicate these policies to each and every member of your team and make sure that everyone is on board to make this virtual holiday shopping season safe for customers as well as staff. 

2. Be transparent about delays

The competition in eCommerce makes it mandatory for businesses to be well-stocked at all times and offer the quickest, most hassle-free delivery possible.

However, most eCommerce companies rely on third parties such as suppliers, warehousing facilities, delivery management agencies, and customer support. Often, delays are caused by situations that are not in your hands.

Several companies had to press pause on their operations during the pandemic and while business is bouncing back now, companies are still at different stages of resuming their operations. This means that not everyone is operating at full capacity, which can lead to longer wait times than usual.

People, too, have become more patient with such inevitable delays but as a brand that cares about its customers, it is your duty to be transparent about any issues that impact their shopping experience.

Make sure you communicate realistic wait times so that people don’t have unrealistic expectations that set them up for disappointment. If a product is out of stock and it will take time for you to obtain it, let the customer know, offer alternatives, and reward their patience with a discount or a freebie.

3. Improve your website experience

If you’ve been considering a website revamp, this is the perfect time to do so. Here are three things to keep in mind when you’re looking to improve your website’s user experience.

Unique Landing Page

To highlight the merriment of the holiday season, you could create a unique landing page where you highlight all your start products that are perfect for holiday shopping.

To give it an additional flavor of branding, you could give this landing page a unique domain name such as www.holidaybonanza.store or www.merrytimes.fun. New domain extensions such as .store, .online, .fun, and .space, can add that extra spark in your branding.

Speed of site and service

People have little patience when it comes to browsing the Internet. Keep bounce rates low by ensuring that your website loads in less than 5 seconds. Optimize image sizes so that they load quickly. Remove all unnecessary plugins and make sure that the built-in apps for payments and other features are not slowing you down.

Optimize for mobile

While there’s nothing like your own mobile application, you can still create memorable mobile shopping experiences by optimizing your website for mobile devices. Before you start your holiday season campaign, see how your website loads and looks on different devices such as computers, phones, and tablets. Take steps to ensure it loads quickly, the alignments are proper, and that scrolling and browsing are easy.

4. Offer quick checkout

Customers have a lot to accomplish when they’re shopping during the holiday season and you can help them save time by offering a short and sweet checkout.

Simple process

The fewer steps in your checkout process, the less likely people are to abandon their shopping carts. Limit your checkout process to no more than three steps: name and address, purchase review, and payment.

Guest checkout

Every brand likes to gather contact information of their customers to get to know them better and continue to attract them with personalized offers and deals.

However, not every customer feels comfortable sharing their email address especially if they’re doing business with you for the first time.

Some customers just want to make the purchase and be done with it and they shouldn’t feel like they’re being compelled to create an account with you. Provide a guest checkout option to make shopping easy and stress-free for everyone.

Multiple payment options

People have different preferences when it comes to online payments. Some are apprehensive about divulging their card details to different companies. Some prefer online bank transfers. Others use third-party apps such as PayPal or Google Pay. Make sure you cater to all preferences by providing as many payment options as possible.

5. Secure your site

Several people are skeptical of online shopping for security reasons. They are unsure about what might happen when they need to input sensitive information such as personal details and credit card or bank account numbers when making online purchases.

As more people may resort to online shopping due to the closure of physical stores and for health safety concerns, eCommerce companies must reassure buyers that their information is safe at every step of the way.

If you haven’t obtained an SSL (Secure Sockets Layer) certificate for your website, this is the time to do so. This certificate ensures safe transmission of encrypted data from browsers to websites.

Websites that don’t have SSL of HTTPS in their URL are flagged as “insecure” by Google when a user tries to access them. This message can raise suspicion among visitors and discourage them from shopping on your website.

Apart from the SSL certificate, you should also display security seals across your payment pages, such as badges by trusted companies like Visa, Mastercard, Google, and PayPal so that people feel safe about sharing their sensitive bank account information.

Ready to make the most of the holiday eCommerce season?

The holiday season is always an exciting time for people and businesses, but this one is slated to be unlike any other. For people, it is an opportunity to connect with their loved ones after a difficult year, even if just through gifts or virtual meetings.

For businesses, it is an opportunity to make up for the losses suffered so far. By building trust among customers through safety measures and enhanced online shopping experience, businesses not only stand to increase their revenue but also evolve as players to watch out for in the eCommerce playing field.

Author Bio

Alisha is a Senior Content Marketing & Communication Specialist at Radix, the registry behind some of the most successful new domain extensions, including .STORE and .TECH. You can connect with her on LinkedIn and Twitter

]]>
https://www.domain.com/blog/optimize-site-holiday-ecommerce/feed/ 0
Website Security: How SiteLock Helps Keep Your Website Safe https://www.domain.com/blog/sitelock-security-keeps-your-website-safe/ https://www.domain.com/blog/sitelock-security-keeps-your-website-safe/#respond Tue, 04 Aug 2020 09:00:00 +0000 https://www.domain.com/blog/?p=3753 Continue Reading]]> A website is a valuable asset to have: It gives you an opportunity to differentiate from your competitors, attract customers, and make money.

And when something is valuable, it deserves protecting.

We’re here to help you understand and navigate the security issues your website faces so that you’re prepared to handle them should they occur. Today, we’re delving into website security risks, website owner responsibilities, and how SiteLock Security helps keep your website secure.

SiteLock and Website Security

The state of cybersecurity

You might think that as a small business or independent contractor you’re not on any hacker’s radar, because who’d want to waste their time when there are bigger targets, right?

Think again. Small business websites are prime targets for hackers because they’re often not well secured, yet they still harbor a wealth of data and information.

In 2015, (which already seems eons ago) Ginni Rometty, IBM’s Chairman and CEO, stated that:

We believe that data is the phenomenon of our time. It is the world’s new natural resource. It is the new basis of competitive advantage, and it is transforming every profession and industry. If all of this is true – even inevitable – then cybercrime, by definition, is the greatest threat to every profession, every industry, every company in the world.

That statement rings truer today than it did a mere five years ago. 4iQ says in their 2019 Identity Breach Report that “Cyber criminals [have] shifted their focus, targeting more small businesses, resulting in a 424% increase in authentic and new breaches from 2017.”

Whose responsibility is website security?

At its most basic level, website security is any action taken to protect your website from harm.

But whose job is it to make sure a website is secure? Well, as a website owner — it’s yours.

And there’s a lot to keeping a website safe, like maintaining secure passwords, patching vulnerabilities in different applications, and keeping plugins and tools up to date. But a website owner’s responsibilities don’t stop there. If a website does get infected with malware or hacked, it’s also their job to fix it.

Luckily, you don’t have to do these things on your own (okay, the password bit you probably should). There are tools, like SiteLock Security, that are designed to prevent and mitigate attacks and harm to your website.

Sometimes, we get asked, “Isn’t it my web hosting provider’s job to keep my website secure?” And the answer is no, it isn’t.

Jessica Ortega created this great, short YouTube video that explains the responsibilities of both website owner and web host when it comes to security.  In it, she interviews Ryan Austin, who paints the following analogy.

Think of your web hosting provider as the superintendent of an apartment complex. It’s their responsibility to make sure the building is secure from the outside, to keep the lights on in the parking lot, and ensure all is well outside of your apartment. Your website is like an apartment in the complex and it’s your responsibility to keep it secure — lock the doors and do your part to prevent intruders. If someone does get in because you’ve left a window or door unsecured, your superintendent isn’t at fault.

What happens if my site gets hacked?

Your website is central to your business, so if it gets hacked or infected with malware you face a number of potential consequences that range from a suspended site, to data theft and ransom, and loss of revenue and consumer trust.

If your web host detects malware on your site, they’re liable to suspend or take down your site. This is because they don’t want the malware on your site to spread and infect other sites. It’s similar to the idea of using quarantine to keep viral infections at bay.

A site infected with malware isn’t something you can keep under wraps. Google’s Chrome browser is the most used internet browser in 2020, and it’s not shy in warning its users away from websites that are possibly infected with malware. If they detect that your site is infected they’ll blacklist it and alert their users, as malware can spread to people who visit and interact with your site. Your potential customers won’t want to take the risk. Instead of doing business with you they’ll turn around and find a (safe and uninfected) competitor’s website.

And if your website is infected with malware, chances are you’ll have to restore it to an older version (assuming you have backups) or re-build it altogether, both options meaning you’ll have lost a lot of time and hard work.

The effects of website hacking are many and varied, but never pleasant. Here are five real-life examples of small businesses that got hacked and their devastating consequences.

How to keep your website secure with SiteLock Security

The security of your website should be a top priority, and there are things you can do today to help prevent and mitigate attacks to your site.

We know that small business owners, entrepreneurs, and people with side hustles wear a lot of different hats. It’s tough enough keeping up with the day-to-day aspects of running your business much less staying on top of online threats that are hard to see and harder to predict.

That’s why we’ve partnered with SiteLock Security to give you, and your website, some peace of mind.

Benefits of SiteLock Security

SiteLock Security protects your website from malware, viruses, hackers, and spam. It does this by scanning your site for these malicious things, automatically removing any malware it locates, and alerting you when something doesn’t look quite right.

In addition to the services they provide behind-the-scenes, SiteLock Security comes with a seal that you can display on your site. The SiteLock seal inspires confidence in your site; in fact, when SiteLock and Domain.com did a user study in 2014, we found that displaying the SiteLock seal can increase conversions by up to 15%.

SiteLock Security plans and features

At Domain.com we offer three different SiteLock Security plans: Essentials, Prevent, and Prevent Plus, to suit the varying needs of website owners.  

If you think you might need even more protection to maintain your website performance and security, we can help. Call us toll-free at (800) 403-3568 to speak to an expert and make sure that your website gets all the protection it needs.

Don’t delay when the security of your website and site traffic is at stake.

Hackers, malware, suspended websites — it all sounds like the stuff of small business nightmares… because it is. Save yourself a headache or ten by investing in your website’s security now. 

Get SiteLock Security today and rest easy knowing that your website is in good hands. 

]]>
https://www.domain.com/blog/sitelock-security-keeps-your-website-safe/feed/ 0
SSL and HTTPS: A Technical Guide https://www.domain.com/blog/ssl-and-https-a-technical-guide/ Tue, 24 Dec 2019 09:45:00 +0000 https://www.domain.com/blog/?p=3466 Continue Reading]]> How does information remain secure when it’s communicated over the Internet?

In large part, that’s due to something called Secure Sockets Layer, or SSL. SSL is a technology that keeps internet connections secure. It encrypts and protects sensitive information and data as it’s sent between two systems (like your browser and another website or two servers). SSL stops bad people and bots from reading or changing the information being sent between the systems, like credit card information during an e-commerce transaction.

If you have a website or are in charge of the web hosting for your business, you need to understand the importance of data privacy and securing internet connections. As you begin your research, you’ll come across the term “SSL port” and that’s what we’re focusing on today.

What is an SSL port?

Data can be communicated between systems (like your web browser and your favorite online shopping website) with or without SSL. But the SSL port number is what indicates whether or not your connection is secure.

How can I tell if my connection to a website is secure?

Look at the URL in the address bar in your browser. You’ll see that the URL starts with one of two things: it’s either HTTP or HTTPS. The HTTPS indicates a secure connection and it uses port number 443. HTTP, an unsecure internet protocol, uses port number 80.

What is a port?

Whenever you open up your computer to visit a website you’re quite literally docking into the Internet, like a boat would dock at a port. Internet ports are numbered differently to indicate what the ports are used for and what they offer. These ports are called “TCP Ports” and that stands for Transmission Control Protocol.

If you’re diving into the world of websites and hosting, it’ll be helpful to know what the most commonly-used ports are and their assignments, or their purpose.

How Are TCP Ports Used?

TCP is pretty reliable. In order for TCP ports to work, there must be an “anchored connection” between Point A, where the data or request originates, and Point B, where the data or request is being sent. The only way that transmission of data will fail with TCP is if the connection between Points A and B is lost, like if you lost your internet connection.

What are the more common TCP Ports?

What’s the relationship between HTTPS and SSL?

To understand how SSL and HTTPS work together, let’s first go back to the unsecure HTTP. HTTP and HTTPS aren’t that different. In fact, the only difference is that when HTTPS creates and maintains a secure internet connection, it’s doing so with SSL.

How do I secure my website with SSL?

You want your site visitors and customers to trust you. You want them to have faith in your site and know that the information they’re sharing with you during a purchase is safe and secure. The way to go from HTTP (a visual marker of an unsecure site) to HTTPS (the visual marker of an SSL-secured site) is to install an SSL certificate on your website server. This certificate verifies your site’s identity so that information can be passed securely from your web server to your visitors’ browsers.

Is SSL a certificate or a protocol?

SSL certificates and HTTPS protocol are two separate things. But together, they make for a mighty secure internet connection.

Think of the HTTPS protocol as the physical structure that allows encrypted information to travel securely from point A to point B.

SSL certificates are what encrypts the information being shared over that HTTPS structure. However, you must keep in mind that the SSL certificate itself isn’t going to do anything for you. It only works once you’ve configured and set it up on your server.  

Isn’t SSL outdated?

If you’re researching SSL then you’ve probably come across the term “TLS.” Is it really a new and improved version of SSL? What are we all doing still talking about and using SSL? Don’t worry folks, we’ll explain.

TLS stands for Transport Layer Security, and it’s definitely a newer and better version of SSL. However, the term SSL is so well known that it stuck around even after TLS was introduced. So when you purchase SSL you’re in fact purchasing TLS (it’s like SSL plus).

What are the differences between TLS and SSL?

The original SSL was developed back in the wild & wooly 90s by a company called Netscape (remember them?). TLS isn’t too different, it uses many of the same technologies and protocol, but it’s been updated to withstand the security risks and issues of today’s world. TLS provides stronger encryption, but remember, it’s still referred to as SSL because that’s the more well-known name.

Why does my SSL port matter?

You need to configure your SSL certificate on your web server to get “HTTPS” to show in your website’s URL in the address bar. This indicates that you’re using an SSL port, which means the connection created between your site and someone’s browser is secure.

People are growing evermore distrustful of seeing “HTTP” in their browser and for good reason. With the amount of hacks and data theft happening today, people want to know you’re doing what you can to protect their information. Your SSL port indicates there’s a secure, encrypted connection that will keep their data away from malicious prying eyes.

Advantages to using SSL

  • Faster web page loading
    • HTTPS loads pages faster than HTTP. Who waits around for a webpage to load nowadays when there’s always a competitor around the digital corner whose site might be faster?
  • SEO Improvement
    • Your site is likely to rank higher in search results if you’re using HTTPS as opposed to HTTP.
  • Stop hackers and bad actors in their tracks
    • SSL encrypts the data transferred back and forth between two systems. Even if these bad people and bots could somehow see the data being transferred, they won’t know what it says.
  • Maintain PCI Compliance
    • PCI Compliance stands for Payment Card Industry Compliance. This is required by all credit card companies when making transactions online to further secure and protect against data and identity theft.
    • Part of the PCI Compliance guidelines are that your site must use HTTPS, which means your SSL certificate needs to be configured on your site before you can accept payments via credit card for purchases.
  • No scary alerts
    • If you’re using HTTP then chances are your site visitors are receiving notices telling them your website isn’t secure when they land on it. Frankly, this looks bad. It causes them to lose confidence in your site and odds are good they won’t be back.

Where can I get SSL for my website?

Domain.com offers a variety of different SSL certificates to suit you and your websites’ needs.

Only need basic SSL protection so your customers see your site is secure and you improve your Google search rankings? We offer that.

Do you have multiple subdomains that need SSL protection? We offer that, too.

And what if you have an e-commerce site and require even more protection for your customers’ data? Yeah, we’ve got you covered.

All of our SSL offerings come with a warranty ranging from $10K – $1,750,000 USD and a visual indicator that your site is secure.

Take a look at our plans and let us know if you have any questions about those, or SSL in general, in the comments.  

]]>
Secure and Protect Your Domain, Website, and Personal Information https://www.domain.com/blog/secure-and-protect-your-domain-website-and-personal-information/ https://www.domain.com/blog/secure-and-protect-your-domain-website-and-personal-information/#respond Fri, 11 Oct 2019 14:15:14 +0000 https://www.domain.com/blog/?p=3226 Continue Reading]]> Do you want everyone with access to the Internet being privy to your personal information?

No?

We didn’t think so.

Read on to find out how people can get your information and what you can do to stop it.

Domain Privacy + Protection: How to keep your personal information private

If you’re looking to purchase a domain name, or if you’ve already purchased one, you’ve surely seen mentions of “Domain Privacy.” But what does it mean? How is Domain Privacy + Protection any different? Let’s explore that.

Whenever a domain name is purchased, the person or company registering it is required to use their legal, accurate personal information. ICANN, the international governing body for domain names, requires every domain registrar, like Domain.com, to maintain a publicly viewable “WHOIS” database. This database displays the personal contact information for every registered domain, which includes phone numbers and email address.

It’s important to know who’s behind the websites you visit and trust the most, and where you get your information from, so there is a reason for having that information be available. However, there are a lot of bad actors out there who take advantage of the public WHOIS database and they scrape the base for numbers and email addresses.

Has your phone number ever made it onto a telemarketing list before? If not, take it from the rest of us, it’s not pleasant. How about your email address — do you like spam?

Ready for some good news?

You can maintain the privacy of your information

When you purchase Domain Privacy + Protection you’re making the decision to keep your details out of the WHOIS database and instead, provide the database our information. We have the teams and resources to deal with any spam volume that amounts from having our information on the database; this way, your precious time and information remains yours alone.

Domain Privacy + Protection can save you a lot of headaches, just take Shiloh’s word for it.

Go beyond maintaining privacy with protection

Every domain registrar, like Domain.com, offers some kind of privacy product for your domain names. However, we thought we’d take it a step further and provide protection for your domain, too.

In addition to keeping your information private, you also have to worry about the threat of hackers and human error to your domain and website. Domain Privacy + Protection helps to keep you safe from both of those things. Our protection services are powered by SiteLock and provide malware scans and blacklist prevention to maintain your online reputation. When domains get blacklisted, their site traffic and marketing will suffer. Stay confident that your domain name has a good reputation by using Domain Privacy + Protection. We’ll alert you if anything should happen so you’re able to take quick, corrective action.

You’ll still own your domain name

One question we frequently hear is, “Do I still own my domain name if my information isn’t shown in WHOIS?”

Yes! You do. You still maintain full control and ownership over your domain name. Domain Protection + Privacy helps to prevent identity theft, unwanted spam, and the sale of your personal information to make owning your domain name a little easier and worry-free.

How can I get Domain Privacy + Protection?

Although you can add Domain Privacy + Protection before or after registering a domain name, we recommend doing it before. This way, your personal information is never made public in the WHOIS database. If you wait to purchase Domain Privacy + Protection, your information could be made public for a while and there’s no telling who will have seen it. It may take some time for all the WHOIS websites to clear their data caches and remove your information from public view if you choose to purchase it after your domain name.

Ready to purchase your domain name and take your idea to the next level? You can do that right here. And let us know if you have any questions, we’re here to help.

]]>
https://www.domain.com/blog/secure-and-protect-your-domain-website-and-personal-information/feed/ 0
How SiteLock Security Protects and Guards Your Website https://www.domain.com/blog/protect-website-sitelock-security/ Thu, 19 Sep 2019 14:04:59 +0000 https://www.domain.com/blog/?p=3327 Continue Reading]]> The Internet is big, like, really big. Besides that, it can be an intimidating and scary space.

Lately, news of online hacks and data breaches abound. You wouldn’t think that hopping online to buy a new sheet set from a major retailer could jeopardize your private and financial information, but for many of us, it’s happened and it’s a hassle.

So what can you do to reassure your website visitors and prospective customers that your site is a safe place to transact? Wouldn’t it be helpful if there was some kind of visual indicator?

Rest easy, because there is!

SiteLock Security is a website must-have

It’s called the SiteLock Security Seal and you can proudly display it on your website with any purchase of SiteLock Security.

That’s not the only benefit SiteLock Security provides. In fact, by the time you’re done with this article you’ll wonder how you ever published a site without it.

SiteLock Security can be purchased through Domain.com

Let’s take a look at why you need SiteLock Security on your site.

Malware Scanning – What is malware? It’s a portmanteau, created from the words malicious and software, and it strikes fear into the hearts of Internet users the world over.

Ever heard of viruses or Trojans? How about ransomware or spyware? These are a sampling of different types of malware. Viruses spread from infected files to clean files and can cause extreme damage to websites. Trojans, a lá their namesake, are discreet — they create “backdoors” that allow other viruses into your computer, server, and security. Ransomware and spyware are what they sound like — one can hold your computer and its contents hostage while the other spies on your every action.

Depending on the SiteLock Security plan you choose we offer both daily and continuous malware scanning so you can relax in the knowledge and comfort that we have your, and your website’s, backs.

Automatic Malware Removal – All those nasty types of malware we just discussed?— yeah, we’ll automatically get rid of those for you if they’re detected by SiteLock Security. If you don’t have the time to manually scan and remove malware yourself (and who does?), don’t fret because we’ve got you covered.

Blacklist Monitoring – There are a lot of good lists out there that you want your name on, like the VIP list for that fantastic new eatery opening up around the corner. But a blacklist? Not so much.

If you find yourself on a blacklist your bottom line will feel the negative impact. So what is a blacklist and why is appearing on them detrimental to your site and business?

We’re betting SEO and where your website shows up in Google search results is important to you. (If not, it should be.) SiteLock’s Blacklist Monitoring will help ensure you don’t get put on one of Google’s blacklists, which would damage your domain and site reputation, and keep your site out of search results. 

Block Automated Bot Attacks – Bots, also known as Internet Robots, come in a variety of forms and perform numerous functions. Some bots are good, like the spiders and crawlers Google uses to search websites and determine the best results for people’s search queries. These are not the bots to worry about, and not what SiteLock protects against. SiteLock Security protects your site from bad bot attacks.

Bad bots exploit issues on your site and aggravate the effects of any malware on your site. Put simply, bad bots do bad things. Their functions run the gamut from logging keystrokes (that means they track and record the keystrokes your site visitors make — including when they enter sensitive and financial information and login credentials) to sending spam that can land you on blacklists.

Not all bots are as nice as Wall-E.

DDoS Protection – What’s DDoS? It stands for Distributed Denial of Service. DDoS Protection prevents your site from succumbing to a DDoS attack, which can render your site unusable for the duration of the attack.

DDoS attacks are a particularly ugly form of bot attacks. What happens during a DDoS attack? It’s when multiple compromised computer systems (usually ones that have fallen prey to a Trojan virus) maliciously band together to flood your website and server — rendering your site unreachable because it’s overwhelmed. Sometimes DDoS attacks can last a few minutes, or in particularly bad cases, they can last for days. What would happen to your revenue if your e-commerce site was rendered unusable and unreachable for days on end? Nothing good, that’s for sure.

Advanced Web Application Firewall – You’ve probably heard of firewalls before as they’ve been around for a long time. Basically, firewalls are another way your site and server are protected from bad actors trying to infiltrate them.

Think of a firewall as a bouncer, and an advanced web application firewall (WAF) as the biggest, baddest bouncer around. When bots and other malicious entities try to reach your site and server to wreak havoc, your WAF won’t let them through the door.

Keep your website up and running with SiteLock Security

When it comes to Internet security, it pays to be safe.

Running an unsecured website is like playing Russian roulette with your digital livelihood. Don’t become a victim, unable to use or monetize your site due to DDoS attacks or Trojan viruses; instead, use SiteLock Security.

SiteLock Security is the guardian your website needs — never sleeping, always on, and always working in your best interest. If anything malicious is detected on your site you’ll receive email and account alerts, and you’re guaranteed a quick response time should we at Domain.com need to jump in and help with anything happening on your site.

So what are you waiting for? Safeguard your site today

]]>
SSL: How Does it Keep Your Website Secure? https://www.domain.com/blog/ssl-how-does-it-keep-your-website-secure/ Wed, 11 Sep 2019 15:19:10 +0000 https://www.domain.com/blog/?p=3295 Continue Reading]]> SSL: Just another silly acronym?

Hardly.

SSL stands for Secure Sockets Layer, and you need it if you want your website visitors and potential customers to trust you and your site. Stick around as we dive into the details regarding SSL — you’ll learn what it does, how it can affect your SEO efforts, and how it influences people’s trust in your site. 

What is SSL and how does it work?

What exactly is a Secure Sockets Layer? Dictionary.com defines SSL as “… a protocol that uses encryption to ensure the secure transfer of data over the Internet.”

In a nutshell, SSL is a technology that keeps your website visitors’ personal information private (and away from hackers) when they submit it on your website. 

Fun fact: The original SSL technology has since been replaced by an updated version, called TLS or Transport Layer Security, but the collective Internet is so used to the term SSL that we keep using it.

Think of it this way: Whenever someone fills out a form or submits information on a website their information has to digitally travel from point A (where they submitted it) to point B (where it’s stored).

Getting from point A to point B.

If the website they’re using isn’t secure, or doesn’t use SSL, then hackers can intercept and read the information being transmitted. This is called a man-in-the-middle attack and you won’t know it’s happened until it’s too late. 

Secure websites, or those that have an SSL certificate, are less likely to fall prey to any MITM attacks. When SSL is used, the connection between your computer and the other site is secured and heavily encrypted, making it nearly impossible for hackers to snag any information being passed back and forth. 

Put yourself in your site visitors’ shoes. If you like to do online shopping or banking, wouldn’t you feel better knowing your information is transmitted via a secure connection? We sure would. And a survey by GlobalSign found that “85% of online shoppers avoid unsecure websites.” That’s a lot of business you could be missing out on. 

How to identify a secure site. 

Websites can’t hide their security status. In fact, most browsers will alert you to a site’s security status in the URL bar. 

How do you know if a site isn’t secure?

If you use Chrome, you’ll see an alert that looks like this:

If you click on the information icon, you’ll get the following message:

What will you see on a site that has SSL enabled?

On Chrome, you’ll see a little padlock icon to indicate a secure site. 

If you click on the padlock icon, you’ll receive the following message:

Alternately, you can look to the website’s full URL in the browser’s address bar to find out whether or not it uses SSL.

  • Not secure websites: URLs will start with “HTTP://…”
  • Secure websites: URLs start with “HTTPS://…,” where the S stands for secure.

Secure websites perform better in search engine results

Since 2014, Google has said that they use HTTPS as a ranking signal in search results. 

What does that mean for you?

If your website has SSL then it’s more likely to show up higher in SERPs (search engine result pages) than a site that isn’t secure. Even if you’re not collecting visitors’ information on your website, you need SSL so you aren’t penalized in search results. 

Google has pledged to “continue working towards a web that’s secure by default,” so we don’t think HTTPS importance will decrease any time soon. 

How can you add SSL to your site?

It’s easy with Domain.com — we offer a variety of SSL certificates to fit your needs. Here are the plans and details so you can identify the best option for your site. 

LetsEncrypt Free SSL – If you have a basic website and don’t collect any sensitive information from your visitors, then this option should suffice. Search engines and visitors will see that your site is secure and that will increase their trust in you.

Before getting SSL for your site, you’ll need to make sure you have your domain name and hosting. Then, you can log into your account to turn on your free LetsEncrypt SSL. 

If you actively collect customer information (even if it’s just an email address) on your site or manage an e-commerce site then consider purchasing a more advanced SSL offering, like one of the following, all powered by Comodo SSL.

Domain Validated SSL – Secure your customer information, help boost your Google search rankings, and receive the TrustLogo® Site Seal to display on your site. You’ll also be backed by a warranty from Comodo SSL for up to $10,000 to protect the end user.

Wildcard SSL – Our Wildcard offering will give you all the features of the previous plan along with the ability to protect multiple subdomains. You’ll receive a warranty of up to $250,000 to protect the end user with this plan.

E-Commerce SSL – This is our best SSL plan and is ideal for those with e-commerce websites, and offers a green “trust” visual bar for your site, like you see in the image below, and up to a $1,750,000 warranty for the end user. 

Rest easy knowing you’re secure with SSL

The importance of having SSL on your website is only going to increase. 

Google is without a doubt the most popular search engine, and they aren’t pulling any punches when it comes to making the Internet a safer place for all of us.

If you don’t have SSL you risk having your site pushed down in search engine results and losing your site visitors’ trust. Get SSL today, and turn your site into a trusted resource. 

]]>
How to Block an IP Address https://www.domain.com/blog/how-to-block-an-ip-address/ Thu, 23 May 2019 16:50:12 +0000 https://www.domain.com/blog/?p=3094 Continue Reading]]> Of all the metaphors used to describe the internet, one of the most appropriate might be the “Wild West.” The Wild West, just like the internet, was expansive and difficult to regulate, and filled with bandits and marauders who would take advantage of someone without batting an eye.

While technological progress has fortified internet security, in reality there are still many ways for bad actors to infiltrate a business or person’s website, email, or online persona in order to wreak havoc.

How to Block an IP Address

Just as it would have been in the Wild West, it’s important to learn how to protect yourself from external threats. The basic security offered by internet servers can ward off some infiltration attempts, but often crafty criminals slip through the cracks.

Learning how to identify and block the IP address of an online pest is perhaps the best way to improve your security on the internet.

It all starts with a great domain. Get yours at Domain.com.

What is an IP Address?

Blocking IP addresses might be the most effective way to bolster your internet security, but what good is that knowledge if you don’t know what an IP address is?

The best way to think of an IP address is by comparing it to a street address. Think about your place of residence—you receive bills, packages, and guide friends to your house by giving them a combination of numbers and letters. That combination—your address—is used to single out your location in relation to all other possible locations.

IP addresses work in the exact same way.

  • Each device that’s connected to the internet is assigned a unique IP address.
  • A device’s IP address allows the device to interact with, receive information from, and otherwise contact other devices and networks on the internet.

Simply put, an IP address places internet users on the grid. Without it, they would be unable to communicate with other networks.

What do IP Addresses Look Like?

Even though most internet users connect to the internet using an IP address on a daily basis, the vast majority of people don’t know what an IP address looks like.

There are two forms that an IP address can take. The first is IPv4, which stands for “Internet Protocol version 4.” The second is IPv6, which stands for — can you guess? — “Internet Protocol version 6.”

IPv4

Invented all the way back in the 70s, IPv4 was the first wave of IP addresses. Most devices are still connected to the internet using an IPv4 address, but that started to change in 2011 with the release of IPv6.

  • IPv4 addresses are composed of four numbers between 0-255, separated by dots or periods.
  • An IPv4 address might look like: 99.31.235.187.

From the inception of the internet, IP addresses were provided using the IPv4 model. However, all of the available IPv4 addresses have been allocated, necessitating the move to IPv6.

IPv6

On June 6, 2012, IPv6 was launched by organizations like the Internet Society, among others. IPv6 addresses use a hexadecimal digit system, separates groups using colons, and may include letters.

  • The number of conceivable IPv6 addresses is enormous and won’t run out anytime soon.
  • An IPv6 address might look like: 2001:0db8:85a3:0000:0000:8a2e:0370:7334.

The complexity of an IPv6 address means that the internet will be prepared to host an even larger number of connected devices in the future.

Why Block an IP Address?

There are several reasons a business, educational institution, or internet user would attempt to block an IP address. In general, the most common reasons are:

  • Blocking Bots, Spammers, and Hackers: When bots, spammers, and hackers attempt to infiltrate your website, it can put a heavy strain on your bandwidth and decrease the speed with which you and other users can access your website. If you run a business online, this can be detrimental to sales.  
  • Limiting Website Access: Many academic institutions and businesses use IP blocking to limit the websites that students or employees can visit. The goal is typically to increase productivity by limiting distractions.
  • Protecting Data: Hackers often attempt to infiltrate websites to steal data or other important information. That information can be used to blackmail or otherwise undermine a company.
  • Maintaining Confidentiality: Many academic institutions and companies who keep sensitive records—like transcripts, health records, etc.—are regularly targeted by hackers. Identifying threatening IP addresses and placing them on a blacklist is an essential step to keep those records safe and confidential.

This list should only be seen as the tip of the iceberg. There are countless reasons that an individual or organization might want to block certain IP addresses, and there should be no underestimating how malicious certain internet hackers can be.

How to Block an IP Address

Ultimately, blocking an IP address allows administrators and website owners to control website traffic. The process of blocking an IP address—or several—changes depending on the operating system that’s being used.

While there are several different operating systems, the most common are Windows and Mac. We’ll cover the steps for blocking an IP address using both of these systems, which achieve the same goal through slightly different means.

Blocking an IP Address for Mac Users

To block an IP address on your Mac computer, you’re going to need access to your wireless router (or LAN router, which connects to the internet using an Ethernet cable). Knowing the password is essential, which can often be found printed or stuck on the outside of the modem.

  1. System Preferences: Find the Apple menu, represented as the Apple logo in the top left corner of your computer screen. Open the dropdown menu and select “System Preferences.” Once your System Preferences menu appears, find the icon labeled “Network.” Then, press the “Advanced…” bar at the bottom of the screen. Navigate to the TCP/IP tab, where you should find your IPv4 or IPv6 address.
  2. Access Router: Next, you’re going to have log into your router. Again, password information can typically be found on the outside of the router, but if you’re having trouble you can always contact your network administrator.
  3. Restrict Access: Once you’ve logged into your router, a list of enabled and disabled IP addresses should appear. From there, most routers will give you the option to deny access to unique IP addresses or an entire range of addresses. You should also have the option to block a website. After blocking the IP address, your network will be protected from that address.

Blocking an IP Address for Windows Users

Blocking IP addresses on a Windows computer requires going through the “Windows Firewall.” In tech terms, a firewall is a component that allows your computer to block access to your network without inhibiting your ability to communicate with outside networks.

This guide is going to explain how to locate and block the IP address of a website. Windows Firewall makes this a relatively simple process. If you already know the IP address you want to block, begin with step 3.

  • 1 – Locate Website to Block: Open your internet browser and locate the website you want to block. Highlight and copy everything that comes after the “www” in the web address.
  • 2 – Open Command Prompt: Navigate to your start menu and open “Command Prompt (Admin).” Paste the website’s web address into the first line of code. Command Prompt should respond by generating several lines of code, which should reveal the website’s IP address. Highlight and copy the IPv4 or IPv6 address. Return to your internet browser, paste it into the search bar, and press enter. Confirm that it takes you back to the website.  
  • 3 – Open Windows Firewall: Open the start menu. Locate “Control Panel.” From there, find “Windows Firewall.” Open it.
  • 4 – Advanced Settings + Windows Inbound Rules: With Windows Firewall open, locate and click on “Advanced settings” on the left of the screen. Then, locate “Inbound Rules,” which should also be found near the top left of the screen. This should change the menu options. On the right portion of the window, find and click on “New Rule…”
  • 5 – New Rule: With the New Rule tab open, select the “Custom” option and press “Next.”  Advance by pressing Next two more times, until you arrive at a window which asks “Which remote IP addresses does this rule apply to?” Click the option that reads, “These IP Addresses.”
  • 6 – Add IP Addresses: Click on the “Add…” button. From there, you can paste the website’s IP address (or any other IP address) into the box that reads “This IP address or subnet:” Repeat this process, adding all IP addresses you wish to block. Once they’re added, click “Next” at the bottom of the screen.
  • 7 – Block: Three options should appear on the next page. The bottom option will read “Block the connection.” Click this and advance to a page which prompts you to “Name,” the blocked IP addresses. After you’ve named it, press Next until the “Finish” bar appears. Click Finish.
  • 8 – Repeat Process with “Outbound Rules”: Return to the Advanced settings window and repeat the process you completed under “Inbound Rules” with “Outbound Rules.”

Once steps 1-8 are complete, the IP address or addresses that you’ve isolated will be blocked from your network.

Why Have I Been Blocked?

If you’ve attempted to visit a website and discovered that you’ve been blocked or have otherwise been denied access, there are several potential reasons.

The most common include:

  • Viruses in your Device
  • Software Extensions
  • History of Illegal Actions

Viruses in your Device

One of the most common reasons that IP addresses are blocked from accessing remote servers is because the remote server detects a virus contained within your IP address. It’s often the case that internet users don’t even know that they have picked up a virus.

Once you’ve removed the virus from your network, feel free to reach out to the website you attempted to access and explain why you should be removed from the blacklist.

Software Extensions

There are many ways to customize your internet browser. Some of the extensions that you can add will eliminate pop-up ads from websites or attempt to detect viruses that might be hiding within a website.

While there’s nothing illegal about adding extensions to your browser, some websites will ban users who run ad-blockers. They may see this as a disruption of their revenue flow.

History of Illegal Actions

If you have a history of conducting illegal activity online, many website admins will block your IP address as a preventative measure, deeming you untrustworthy. Online illegal activities may include illicit trade, activity in the dark web, or cyber-crimes.

Inappropriate Website Content

If you operate a website that contains potentially offensive content like pornographic material or illegal trade, you will likely be blacklisted from many websites on the grounds that your content is subjectively inappropriate.

While you may disagree with the decision of another admin to blacklist your website, there is often no way around the blacklist outside of a direct appeal to the admin.

It all starts with a great domain. Get yours at Domain.com.

Recapping How to Block an IP Address

To recap, IP addresses are used to connect devices to the internet at large. They help locate a connected device in relation to all other devices. By discovering the IP address of a device or website that is causing trouble to an internet user, that user can block the address using a rather straightforward process.

The process of blocking an IP address may change depending on the operating system that is used by the internet connected device. While there are more steps required for PC users, the process is equally straightforward, and perhaps even easier than the process required by Mac users.

If your IP address has been blocked, there are several possible reasons. The first, and most common reason, is that your IP address is associated with a virus—usually one that you’ve picked up by accident. By using antivirus software, you can purge that virus from your computer and then appeal to the website admin to remove you from the IP blacklist.  

]]>
GDPR: What You Need to Know and How Domain.com Helps You Comply https://www.domain.com/blog/gdpr-what-you-need-to-know-and-how-domain-com-helps-you-comply/ Mon, 30 Apr 2018 12:54:05 +0000 https://www.domain.com/blog/?p=2277 Continue Reading]]> Businesses, large and small, are in the midst of preparing for compliance with the European Union’s (EU) new data privacy laws: The General Data Protection Regulation, or the GDPR, which will go into effect on May 25, 2018.

The GDPR is very broad in scope and can apply to businesses both in and outside of the EU.

Businesses that don’t comply with the GDPR could face heavy fines.

Here’s some information about GDPR. (Note: you should also consult your own legal counsel to determine if you are subject to the requirements of GDPR.)

What is GDPR?

GDPR is short for the General Data Protection Regulation that goes into effect on May 25, 2018. It was passed by European lawmakers to create a harmonized data privacy law across all the EU member states. Its purpose is to:

  • support privacy as a fundamental human right;
  • require companies that handle personal data to be accountable for managing that data appropriately; and
  • give individuals rights over how their personal data is processed or otherwise used.

What is personal data?

In a nutshell, GDPR defines personal data as “any information relating to an identified or identifiable natural person.”

Ok, so what does that mean?

In addition to the kinds of information you might think about – name, address, email address, financial information, contact information, identification numbers, etc., personal data can also include information related to your digital life, like an IP address, geolocation, browsing history, cookies, or other digital identifiers.

It also could mean information about a person, including their physical, mental, social, economic or cultural identities.

Therefore, if information can be traced back to or related in some way to an identifiable person, it is highly likely to be considered “personal data” under the GDPR. You can find out more about the GDPR here.

What rights does the GDPR provide to individuals?

There are several rights an individual may exercise under the GDPR, including:

  • Right of access: Individuals can ask for a copy of the personal data retained about them and an explanation of how it is being used.
  • Right to rectification: Individuals have the right to correct, revise or remove any of the personal data retained about them at any time.
  • Right to be forgotten: Individuals can ask to delete their personal data.
  • Right to restrict processing: If an individual believes, for example, that their personal data is inaccurate or collected unlawfully, the individual may request limited use of their personal data.
  • Right of portability: Individuals have the right to receive their personal data in a structured, commonly used and machine-readable format.
  • Right to object: Where an individual decides that they no longer wish to allow their personal data to be included in analytics or to receive direct marketing emails or other personalized (targeted) marketing content at any time, the individual may opt out of use of their data for these purposes.

Please note that these rights are not absolute, and limitations/exceptions may apply in some cases.

What is Domain.com doing to comply with the GDPR?

If you exercise any of these rights as an individual Domain.com customer or representative of a Domain.com customer,Domain.com will respond in accordance with our Privacy Policy.

The Domain.com Privacy Policy explains what information we collect about you as a Domain.com customer and how your personal data may be used or shared by Domain.com.

Where required, we will also support you, as a Domain.com customer, in fulfilling GDPR related data subject requests you receive from your contacts.

Also, from May 25th, we will not publish the  personal data of domain name registrants located in the EU in the WHOIS. This is to ensure our WHOIS output is compliant with the GDPR.

However, access to personal data of domain name registrants may be granted when such access is necessary for technical reasons such as for the facilitation of transfers, or for law enforcement when it is legally entitled to such access.

“Controllers” and “Processors”

Generally speaking, there are two types of parties that have a responsibility regarding the handling of data: the “controller” and the “processor.” It is important to determine if you are acting as a controller or a processor and understand your responsibilities accordingly.

A “controller” determines the purposes and means of the use of personal data.

A “processor” on the other hand, only acts on the instructions of the “controller” and processes personal data on their behalf.

So, what does this mean?

Domain.com can be either a “controller” or a “processor” depending on the  data processing activities that are being performed.

Usually, Domain.com is a controller in relation to the personal data that you provide to us as a customer. In certain circumstances, you are acting as the controller, for example, when you decide what information from your contacts or subscribers is uploaded or transferred into your Domain.com account.

How does the GDPR affect my business?

Individuals, companies, or businesses that have a presence in the EU or, if no presence, offer goods or services to, or monitor the behavior of, individuals in the EU need to comply with this law.

We are reviewing and updating, as necessary, our agreements with you and with our subcontractors (to include the necessary GDPR terms), as well as notices, policies and internal processes, features, and templates to assure our compliance and help you achieve compliance.

Please consult with your own legal counsel about whether GDPR applies to you and your business and what actions you need to take to ensure that you comply with the GDPR.

What do I need to do differently to comply with GDPR?

If the GDPR applies to you, there are various obligations you will need to comply with in order to continue doing business with your customers from the EU. Luckily, not all of these obligations are new, so you should be complying with some of them already.

The most important differences in this context are as follows:

  • More information about your use of personal data must be communicated to your customers. You should make sure that your privacy notices/policies are updated to reflect the new requirements of the GDPR, including setting out the purposes of your processing personal data, how long you are retaining such data, and what legal basis for use of personal data are you relying on. As a customer of Domain.com, your agreement to our Terms of Service requires you to lawfully obtain and process personal data appropriately, including that of EU Individuals as part of the GDPR.
  • You should determine the legal basis for your use of personal data: If you are relying on consent to use your customers’ data you should ensure that the consent you have meets the new requirements of the GDPR . Please note that sending marketing emails or showing promotional content in any form to your customers may require, in certain circumstances, prior opt-in consent from them. As a reminder, you have already agreed through acceptance of our terms of service to lawfully obtain and process all personal data appropriately and have attested that you have permission to expose your customers to promotional content.
  • You will also need to comply with the rights provided to individuals by the GDPR. See section above “What rights does the GDPR provide to individuals?” for details.

You should consult with your legal counsel on the above and your other obligations under GDPR.

What if you have more questions about GDPR?

If you have specific questions about GDPR, please, contact Support.

Other changes

The rules contained in the EU Directive on Privacy and Electronic Communications is under review and we are expecting a new ePrivacy Regulation to be finalized soon.

Once these new rules are finalized, we will be reviewing our forms and features again to provide our customers with the necessary tools to achieve compliance.

NOTE: The information included on this page is meant to guide you through the process of understanding GDPR and is not a substitute for legal advice. Find more information on the GDPR website.

]]>