Running an eCommerce site is an exciting and essential way to expand your business. While most small businesses prefer to piggyback on existing platforms like Amazon, Etsy, or eBay to keep costs to a minimum, an increasing number of medium-sized organizations are building their own.
Building an eCommerce site is a fantastic way to sell your products or services, especially if your business is in a niche area. Perhaps you sell electronic components that are complex to classify on general platforms, or you offer made-to-order handmade furniture, and your pieces are bespoke to each client. Or maybe you have a killer idea for a new way to present your products that standard platforms just don’t offer.
Whatever your reason, security is a key aspect to building customer trust, and while there is a lot of information on the web about server-side security, there is less on the client-side. In this article, we look at a few aspects to consider.
SSL and TLS
Technically, Secure Socket Layers (SSL) has already been deprecated in favor of Transport Layer Security (TLS), which is already in its fourth iteration, though it is common that these terms are used interchangeably. These protocols refer to the security certifications used on your site where data is exchanged on ports 80 (default, unsecure) and 443 (secure). As well as applying security certificates to your servers and/or services, it is best practice to redirect any traffic-making requests to port 443 so all traffic (other than any initial client-side requests) are guaranteed to run over the secure port.
This means that port 80 should be left open in your firewall settings to initiate the redirect. Some systems managers prefer to shut it off completely, but this is poor practice commercially as any requests made from users over HTTP (rather than HTTPS) will be lost and potentially result in lost sales.
One area not under the control of the eCommerce platform is email security. Email is a common target for phishing and virus attacks on client-side computers and tablets. Generally, both attack types are designed to do the same thing: to steal access or data. Viruses do this by installing a small program on the client computer, though phishing attacks can be much more subtle. They may:
- Include a link to reset (and therefore capture) your login details
- Ask you to send your login details. Often this is portrayed as an important and beneficial reason for the recipient, such as verification of the details
- Links to download a file
- Urgent reasons to click on a link or send your details e.g., a prize draw or event
While eCommerce sites have extraordinarily little control over attempts of these natures, they can help by giving advice on how users can be more vigilant to phishing attacks.
We can all play our part in preventing spam, junk, and phishing. More recently, many email providers have introduced the reporting of phishing attacks, virus, and junk mail. This is a powerful tool in the war against these attacks as the providers can automatically aggregate the results to become much better at auto-detecting communications of these types. So, the more data users provide, the fewer junk emails they are likely to receive.
Disclaimer: This content does not necessarily represent the views of IWB.
- Your Standard Of Living Is Being Systematically Destroyed
- The Everything Bubble Has Officially Burst… The Time to Prepare is NOW!
- DIESELGEDDON – America’s diesel supply on verge of catastrophic collapse, leading to HALTING of food, fertilizer, coal and energy
- The Baby Chemical Corn Syrup Juice Shortage is Actually Real
- Cars Passing Through Chicago Being Attacked
- Bidenflation Still Soaring, But Metals Dive -15% Since May 4th (Food UP 61.5% Under Biden, Gasoline UP 86%, Diesel UP 111%, Rents UP 16%)
- Even More Cases Of The Monkeypox Have Been Confirmed As This Sickening Plague Continues To Spread
- A Bizarre Skin Disease Is Mysteriously Spreading In The UK
- Sudden rise of unvaccinated children with liver damage, were breastfed (by fully vaccinated mothers)
- The NOPEC Bill Could Send Oil Prices To $300…HERE WE GO!