SSL Secure Server

SSL stands for Secure Socket Layer. It is an emerging standard developed by Netscape Communications to transfer information securely across the Internet. SSL will enable your customer's browser to connect to your web site and transparently negotiate a secure communication channel. Once this connection has been made, information, like credit card numbers, can be exchanged securely.

Please note that SSL does not include software to process credit card transactions. Although you can securely receive credit card information through SSL, actual processing of the credit card will require a "Merchant Account" from an accredited financial institution.

Two Ways to Utilize SSL:

Option 1 (not available on Windows 2000)
Use our SSL digital certificate. This is a FREE option for Silver Plan and higher UNIX accounts. The only drawback is that you will need to use our domain name in any secure URL. For instance, if your server number was www1301, the domain name for that group of servers is biz.rr.com. So, the URL would look like this:

         https://www1301.biz.rr.com/userid/orderform.html

If your account was on server number www1508, the domain name for that group of servers is biz.rr.com and the URL would look like this:

          https://www1508.biz.rr .com.com/userid/orderform.html

The exact shared secure link for your account can be found on the initial screen of your account's Control Panel.

Option 2
Obtain your own Digital Certificate from Verisign. This will allow you to reference a secure URL using your own domain name:

         https://www.YOUR-DOMAIN.com/orderform.html

How to Implement an SSL Secure Connection:
If you have a link to an order form, for example, from your home page, you would need to use a URL similar to following:

https://wwwXX.vwh1.net/<your-userID>/orderform.html (XX = server number)
(if you are using our digital certificate)
https://www.your-domain.com/orderform.html
(if you have your own digital certificate)

The "s" in https:// suggests an SSL related file. Substitute the path to the order form starting with user directory name. If your account resides on server #2, you would need to use https://www02.vwh1.net/<userid>/form.htm or 03, 04, etc. respectively depending on which server the secure form resides.

If the secure form calls a cgi script, you must also reference that script securely.

<form method="post" action="https://wwwXX.vwh1.net/<userid>/cgi-local/order.cgi">
(if you are using our digital certificate)
<form method="post" action="https://www.your-domain.com/cgi-local/order.cgi">
(if you have your own digital certificate)

Note: If you upgrade or downgrade your account and a server change is required, you will need to update your URL links to reflect a new server number.

Retrieving Data From Server
As mentioned above, the secure environment refers to the transmission of information between web browser and web server. We suggest that you have a script written to save the submitted form content to a text file. In so doing, you can reference the text via secure URL and retrieve its content (e.g. credit card information) securely via the web thus completing the loop.

https://wwwXX.vwh1.net/<userid>/datafile.txt
(if you are using our digital certificate)
https://www.your-domain.com/datafile.txt
(if you have your own digital certificate)

To protect the data from unauthorized web surfers, you can store the data file(s) in a password protected directory.

An alternative is to have the submitted form content sent to you via e-mail. If your form references a custom script, you will need to reference the script securely. E-mail messages are not secure, unless you encrypt them using a third-party encryption program such as PGP.