OpenCart SSL (Do I need one?)
Written by Joe Stenhouse Tuesday, 22 January 2013
This is a common question among persons that download and start using the Open Cart shopping cart: do I need an SSL? The answer is a unanimous YES. I will explain why this is true in this post but first let’s define what an SSL is and what it does. There are many articles on the web that go into further detail about the inner workings of SSL but this one will describe the basics only, and how it relates to Opencart:
SSL or (Secured-Socket-Layer) is an industry standard in providing security for those that visit your website. It is also one of the major pieces in becoming PCI-Compliant. The general rule of thumb for considering an SSL is this:
Do you have a page or pages that require the customer/user to enter sensitive data or a page/pages that have sensitive data passing along? This could be a login page, newsletter sign up, user accounts, administration back end or any other are where phishing and eavesdropping could prove deadly in capturing users emails, cc numbers, etc. It also includes pages that aren’t seen by the public but are run by your own scripts…passing sensitive data. The obvious answer will be yes, you do. By default, Opencart has an login pages that you will want to ENCRYPT with SSL. Another very important reason to offer SSL is to allow the customer/user to have a sense of safety when making a purchase, entering an email, or giving up sensitive data. If you expect to have customers sticking around on your website you need to show that you have a SECURE PLATFORM. What better way to do this then to show that you have an SSL installed? Modern browsers make it easy to see that your web page is secured by displaying a padlock in the browser bar or if you purchase a 3rd party SSL like Verisign you can turn your entire browser bar GREEN (this is gotten to be very popular on the web).
Can I afford an SSL? This of course can be answered like this: Can you afford not to? If you are serious about an online business then shelling out the money for protect your customers data should be a top priority, let alone making it better odds that you attract people and keep them on your website. The range of prices with SSL is enormous because not only is the quality of the encryption in question but the name of the provider is an important item to consider. For example, Verisign is very pricey but the name is well known throughout the world and accepted. In fact, statistics show that you have Verisign installed as a 3rd party SSL your sales will be MUCH LARGER than if you did not. This also isn’t a REQUIREMENT however for a successful online business. Some websites make millions per year and have a no name basic SSL. It all depends on what market you are in. In truth, the encryption for basic Verisign SSL and basic Arvixe SSL is about the same…..the only difference is you’d be paying for the verisign name. My advice for those that have a low budget:
Purchase an SSL from Arvixe and build capital on your website. When you can afford it go with a 3rd party like Verisign.
The overall answer to whether you need an SSL certificate for your online cart is, to me, an obvious yes. Don’t think for a second that because you are using PAY PAL STANDARD you don’t need an SSL. Just because you re-route your customers to a secure website like PayPal doesn’t exclude you from needing SSL. Like mentioned above, there are other page and sections of your site that require it.
For information on purchasing an ARVIXE SSL go HERE