My Website Got Hacked What Do I Do

highligthed URL bar showing SSL certificate

SSL stands for Secure Sockets Layer. What does this mean? Why is standard website interactions not SSL secure? Why is it not called “SSSL” : Standard Secure Sockets Layer, meaning all transactions are safe, not just inconsiderate website developers. Find out if SSL is really secure or just a smoke screen for an apparent secure website.

How Does SSL work

This is not the point of the article, if you are interested in the fine details of SSL then visit http://www.ourshop.com/resources/ssl.html. Otherwise in simple terms, SSL encrypts data send from your machine to and from the website.

How Secure is SSL

SSL does exactly what it states the data will be encrypted from point of submission to point of collection. Regardless of the debate between 64 to 2056 bit encryption schema’s, unless you are a very high profile online merchant or contain very sensitive information, no one will even bother try and break the encryption. 64 bit SSL certificates will suffice for 99.9% of websites. Breaking a 64 bit SLL certificate, unless an extreme knowledge of the targets setup is completely futile.

Unless your website and its machine are completely secure a SSL certificate makes your website as secure as a Porsche with tinted windows and four doors left opened.

Do Not Get fooled by SSL vendors

woman pointing the wrong way, SSL can be misleading SSL is designed to protect sensitive data when travelling across the great network of machines on the internet. The information will still be processed by the website on the backend once the data arrives and is decrypted. If a website has been breached, this data will be available to the hacker or hacker bot anyway. So what is the point? SSL are a great invention and have much more advantages than I state in this news item, such as website verification which is key to stopping website phishing. SSL certificates should really be standardized instead for all websites instead of only sections partitions, but that is a completely different article. They are useless against a website that has not passed a security audit. The information can still be found, via SQL attacks, authentication breaches, database access or from the file system.

See: What We Check For
See: Check Your Website

Author:

James Snipes, Software Developer & Network Analyst
Contact James through our Contact Us Page
DisclaimerPrivacyTerms of Use