How safe are you keeping your visitors?

Man in the Middle Attack

Installing an SSL certificate and forcing the use of https:// connections to your website is a smart idea, but unless that certificate is installed correctly, and your web server is configured with the right security settings, your visitors could still be vulnerable to attacks.

SSL Installation Security Checklist:

While our main website at www.cympl.com is hosted using "serverless" technologies on AWS, we host this page at ssl.cympl.com on an Apache web server, to showcase what a properly configured SSL certificate on a traditional web server should look like.

You don't need to spend a lot of money on a certificate to provide maximum protection for your visitors. To prove this, the SSL certificate we selected for ssl.cympl.com is the cheapest you can buy, a FREE one from Let's Encrypt Authority X3, a free, automated, and open certificate authority (CA), run for the public’s benefit.

There are over 170 Million LetsEncrypt certificates installed and the number is growing. Top brands like TechRadar, jQuery, even Microsoft co-founder Paul Allen's Blog uses an SSL certificate from Let's Encrypt.

Use your favorite SSL Server Test to check your own website. Links to a couple of good ones are listed below.

Compare your results with ours. If the results of your tests reveal any problems with the installation of your certificate, send us an email or give us a call. We can help you get it right.