Webbie.express and SSL
Webbie.express offers free SSL certificates from Let's Encrypt for all Webbie.express Domains and third-party domains connected and pointing to a Webbie.express site. With SSL enabled automatically, your visitors can access a constant, secure connection on every page of your site. Through SSL, your visitors see a lock icon next to your URL in the browser, showing that their information is safe.
Use the Security & SSL panel to customize your settings, and follow this guide to learn how to ensure a secure connection throughout your site.
What is SSL?
Secure Sockets Layer, or SSL, is a technology that secures the connection between your browser and the website you’re visiting. To verify that SSL is protecting a page, look for a URL beginning with https://, instead of http://, and a green, closed padlock icon. This allows visitors to navigate the website and submit information through a secure connection.
SSL provides three important security benefits:
Privacy: Encrypts the connection between the browser and web server and securely transmits information (like login credentials) to prevent unauthorized parties from eavesdropping.
Data integrity: Prevents unauthorized parties from altering data during transmission (like during a Form Block submission).
Authentication: Protects against impersonation by requiring web server proof of identity.
Enabling SSL may help your site load faster, as Webbie.express uses HTTP/2 for SSL-enabled sites. It may also help more visitors find your site: in 2014, Google announced that SSL-secured websites would potentially enjoy a rankings boost in their search results.
How Webbie.express uses SSL
If you have custom domains linked and pointed to your Webbie.express site, we automatically generate an SSL certificate for your site. This allows visitors to view your site over an HTTPS connection. This is automatically included for Webbie.express Domains and third-party domains. We use 2048 bit SSL encryption on all pages except checkout pages.
If you’re using a third-party domain, ensure that it’s correctly connected and pointing to your site to allow a secure SSL connection. Specifically, confirm that you’re using our required CNAME records and A records and that the domain points to Webbie.express.
When your site loads with SSL protection enabled, you’ll see a lock icon and https:// next to the URL in the browser bar.
Some older browsers don’t support the high security standards required by our SSL certificates.
Unsupported browsers include:
- All versions of Internet Explorer on Windows XP
- Internet Explorer versions older than 7
- Firefox versions older than 2.0
- Safari versions older than 2.1
- Any Google Chrome version older than 6
- Unsupported mobile browsers include:
- All versions of Safari running iOS older than 4.0
- Any Android browser running on a version older than 3.0 (Honeycomb)
- Any Windows Phone browser running on a version older than 7
Visitors loading your site on these browsers may have trouble loading the secure, HTTPS version of your site. In some cases, they might not be able to load it at all.
To avoid these issues, we recommend using a supported browser to visit or edit any Webbie.express site.
Some pages on your site may have mixed content, meaning that the page loads over a secure HTTPS connection, but integrated content or third-party customizations may load over an insecure HTTP connection. Mixed content on your website degrades HTTPS site security.
If you choose the Secure SSL setting for your site, your browser may display a warning when it loads mixed content. To avoid this, you can use the Insecure SSL setting, or experiment with other blocks that support your content securely.
SSL and eCommerce
If you sell products with Webbie.express eCommerce, your checkout page is protected by SSL to keep your customers’ credit card data safe and secure. On checkout pages, we’re Level 1 PCI compliant and use 128 bit SSL encryption.
When a customer checks out on your store, they’ll see a lock icon in their browser. If your site is on the eCommerce plan and you have the Secure SSL setting enabled, they’ll also see your custom domain in the checkout URL.
Note: If your site is using the Insecure setting, your URL will start with http://yourdomain.com, even if the site is on the eCommerce plan. The checkout page is still secure for your customers, but it won’t support SSL on the rest of your custom domain website.
Certificate status errors
If we have trouble generating a certificate for your domain, you'll see an error message in your Security & SSL panel.
If the message says that, we're still processing the SSL certificate. New domains may take up to 72 hours to fully connect and generate the certificate, so in most cases, it just needs more time.
You'll usually see this if you very recently:
- Registered a Webbie.express Domain
- Transferred a domain to Webbie.express
- Connected a third-party domain
You can try refreshing the certificate to see if it helps. Opening its DNS settings automatically refreshes the status:
If you're using a Webbie.express Domain, click the domain in the Domains panel, then click Advanced Settings.
If you're using a third-party domain, click the domain in the Domains panel, then click DNS Settings.
If the status doesn't change after refreshing, it still needs more time to generate.
There's an issue to resolve:
If the error message says this, we couldn’t generate an SSL certificate for the listed domains. This usually happens when the domain isn’t properly pointing to your site.
If you’re using a Webbie.express Domain, ensure that your default records are intact.
If you connected a third-party domain, double check your domain-mapping records to ensure your domain has the correct A records to work with Webbie.express.
Which setting should I use?
The best setting for your site depends on your site’s content and the type of visitors you anticipate. Most users will benefit from Secure with SSL enabled, which provides a secure connection to all supported browsers.
Do I need a Webbie.express Domain to use SSL?
No. SSL is available for any Webbie.express Domains and third-party domains connected to your site. If you have a third-party domain, ensure that the domain is properly connected to your site by confirming your CNAME records and A records.
Can I use a custom certificate?
It isn’t currently possible to install a custom SSL certificate on a Webbie.express site.
Will SSL work for subdomains?
Yes. Webbie.express generates a certificate for each custom domain and subdomain connected to your website, whether it’s a Webbie.express Domain or hosted by a third party. This also true for the "www" version of your domain, if you're using it separately from your naked domain.
If you're using your subdomain as your site's primary domain, ensure that you uncheck Use WWW Prefix to prevent certificate errors.
If you have a third-party domain, ensure that it’s connected in your site’s Domains panel and not forwarded from another location.
Will SSL work on mobile browsers?
Yes. Your site is still protected by SSL as long as your visitors are using a supported browser.
Will SSL slow down my site?
You may notice a slight difference in site load time over HTTPS, as the secure connection takes time to authenticate the certificate and validate the site. In most cases, the difference is only a few seconds.
If you’re noticing a big difference in load time, use our troubleshooting steps to rule out other possible site issues, like content-heavy pages or custom code integrations.
I see a certificate error for my third-party domain, but my DNS settings are correct.
If you're seeing an error for your third-party domain, but you've already checked your records, we might not be able to issue a certificate because of a problem with your domain provider. To fix this, we recommend one of the following options:
Transfer your domain to Webbie.express.
Select the Insecure option to disable SSL.
I see a browser warning when I visit my domain.
If you've enabled the Secure setting in your Security & SSL panel, you may still see a privacy warning when you visit your domain. Depending on your browser, the message may be "Your connection is not private, "Your connection is not secure," or something similar. This happens when your browser detects insecure content on the page.
To resolve this, use our troubleshooting steps to check your site for mixed content or a certificate error. If you're still having trouble, check for issues related to your browser.
Will my custom domain appear during eCommerce checkout?
Yes. If your site is on the eCommerce plan and using the Secure SSL setting, your customers will see your custom domain during checking.
Do SSL-enabled sites support HPKP?
No. Webbie.express doesn’t support HTTP Public Key Pinning (HPKP).
Do I need to create a CSR to use SSL with Webbie.express
No. Webbie.express automatically generates an SSL certificate for any domain correctly connected to your site. There’s no need to use a Certificate Signing Request (CSR) to generate the certificate.
Can I disable SSL?
It’s not possible to remove SSL certificates for your custom domains, as this keeps your site secure and ensures the best experience for your visitors. However, you can choose the Insecure option for your site, which still allows traffic over the standard HTTP connection.