SSL security and how our plugin makes it even secure

What is SSL?

SSL stands for  Secure Sockets Layer and is the technology used to secure server to browser transactions. Security is fundamental in a business, and customers knowing that your site has SSL will be comfortable using their purchase information to purchase products from your site.

How can I enable SSL?

You can reach out to your hosting provider, and they most likely offer these services for you.

How do I know if SSL is active?

SSL-enabled websites will have a lock icon when it is accessed, and instead of your site being served with HTTP: it will now be served as HTTPS: A good example of this is our site: https://weareag.co.uk/, which has SSL enabled.

If the site is using HTTPS, shouldn’t they be secure already?

There is much more to be done to be secure than just having an SSL. The SSL will encrypt the data being sent, but it’s not 100% as that data could be targeted.

Our plugins also send an encrypted string (COMPLUS) that we encrypt using RIPEMD & Sodium encryption. This is the same encryption that Bitcoin uses. We do this to stop the man-in-the-middle attacks.

We also now allow you to store the API details outside of the database. We are the first WooCommerce payment gateway provider to do this. This means if you get hacked, your API details will not be visible to a hacker with WP admin access: https://weareag.co.uk/docs/barclays-epdq-payment-gateway/setup-barclays-epdq-payment-gateway/storing-strong-api-credentials/.

The next thing to do is to make sure your host and your server are PCI compliant and to make sure you keep ALL plugins and themes up to date.

Was this helpful?