Does my website have included security?
At American Spirit Technology Group, we are 100% committed to the security of our platform. All our websites our securely hosted on our servers and are monitor around the clock by our industry grade security system. To ensure your website's security, we do not disseminate technical details of our security and system.
What is an SSL?
A Secure Socket Layer (SSL) is a security measure that can be installed on a custom domain to provide an encrypted connection to your website. This ensures information entered on the website, such as make a purchase, is safe from being hacked or discovered by an invasive 3rd party.
At this time, we do not currently offer services to purchase an SSL for custom domains. We are however currently working on introducing a service to purchase an SSL for your custom to all our clients. There is currently no estimated timeframe we can provide on this at this time. Once we have more news on this service, we will be letting all our clients know.
Please Note: SSLs purchased from any DNS provider, such as GoDaddy, are currently not compatible to be installed and used within our hosting environment.
What does my website have a ‘Not Secure’ message appearing?
If you’ve been working on your website lately, you may have seen a “Not Secure” notice in your URL window (example below). Rest assured that notice doesn’t mean that your website has been hacked, or will be hacked, or is not safe for people to visit.
Recently, Google and other major browsers have introduced a new update which will make this type of alert more common by displaying it on all web pages that contain the HTTP preface. HTTP (Hyper Text Transfer Protocol) is the primary technology protocol on the Web that allows linking and browsing, while HTTPS (Secure Hyper Text Transfer Protocol) is a secure encryption used to make data safe when transmitted over the internet. HTTPS is generally used on shopping sites to protect financial information, as well on as web pages that require sensitive information such as passwords.
With their new update, Google is spearheading the movement toward placing the HTTPS preface on all webpages containing potentially sensitive information, such as forms, passwords, and any information that can be deemed personal. You can read more about Google’s effort from their security blog.
So what does this mean for you and your LiveEdit site? For all intents and purposes, your LiveEdit website is safe and secure. All LiveEdit websites are built on a secure domain (your .liveeditaurora URL), and all purchases completed through your website (such as MINDBODY purchases) are automatically redirected through this secure LiveEdit domain. So there is no risk for potential clients purchasing classes or services, and transmitting sensitive information through your website.
That’s not to say that getting an SSL for your website is a bad idea. In a perfect world, all websites would have an SSL so browsing can be done securely at all times. And at LiveEdit, we are looking to the future and exploring the options for making SSL services available to all of our clients. But for the time being, you can have confidence knowing that we constantly monitor all of our websites and that your information is protected to highest degree 24 hours a day.
Why do I get an error trying to connect to the my custom domain with an HTTPS:// connection?
When connecting to the "HTTPS://" version of a site, it is trying to established a secured connection. (The 'S' in HTTPS stands for Secure). In order to have a secured connection, the domain (URL) needs a SSL (Secure Sockets Layer). If you navigate to your website using HTTPS from your custom domain, you will get a security warning due to not having an SSL (example below). When connecting to your website or sharing a link to your site on social media, please make sure use the HTTP version instead of HTTPS. For example: http://liveeditplatform.com
Are my clients MINDBODY information and purchases safe?
All MINDBODY transactions are secured behind the SSL offered on your '.liveeditaurora.com' URL. You will notice that this URL automatically displays when users are checking out their products. In addition, any MINDBODY client information access on the website is transmitted through our secured connection to MINDBODY's API. MINDBODY client information, such as credit card numbers, are not stored directly on your website or within our hosting environment. Our MINDBODY integration is also PCI compliant.