Most web users will be aware that if you enter you are asked to enter your credit card details or personal information online, you should always check for a padlock sign in the address bar. This indicates that the information you are entering is encrypted before being sent and is therefore less likely to end up in the wrong hands.

You’ll notice that the address of any web page with a padlock icon will start with https:// instead of http:// – for example https://www.candlelearning.com. In order to use https:// in your address you need to have what’s called an “SSL Certificate”.

Web browsers Google Chrome and Firefox have recently set out on a mission to make the web more secure. Any web pages that ask for sensitive information, but don’t have https:// in their address will be marked as insecure (see: Moving towards a more secure web). Crucially for e-learning platforms, this includes any web pages that ask for a password (such as your login area).

If your LMS (Moodle / Totara etc.) is not set up to use https:// in its web address, visitors using Google Chrome or Firefox web browsers will see a crossed out padlock and a notification like this when they try to log in:

Upon seeing this, some users will question the credibility of your platform and it may be enough to put them off using your resources altogether. It is therefore worth taking steps to ensure your platform can use https:// as soon as possible.

Thankfully there are some quick (and free) solutions available.

CloudFlare is a service that we often recommend for clients. It is acts as a firewall for your website / e-learning platform and improves its security and performance. The Free plan also comes with a Shared SSL Certificate, which allows you to use https:// in your website address.

Let’s Encrypt is another free service that provides SSL certificates. It’s a little more complex to implement than CloudFlare, because it requires access to the webserver – but is becoming quite popular on the web.

Both CloudFlare and Let’s Encrypt are available with many web hosting providers (such as DreamHost) and can often be enabled from your dashboard with a few clicks.

If your web hosting has CPanel, look out for this section to enable it:

If you would like any help in ensuring that your platforms such as Moodle, Totara LMS and WordPress handle passwords securely, feel free to get in touch.

 

By: Andrew Jack

September 19, 2017

At Candle Learning, we help training companies in several ways. One of the more ways we help is in guiding businesses on how to market and sell their new online learning products. Early on in our discovery meetings, we often get asked: “How should we charge customers for our course? One off? Or should we […]

Read this post »

By: Andrew Jack

December 20, 2017

Before Christmas gets into full swing and we get inevitably swept up in turkey sandwiches and Indiana Jones re-runs, we wanted to reflect on 2017. We see reflection as one of the key tools to help embed learning, so it can’t be said that we don’t practice what we preach. 😉 In the summer of […]

Read this post »

By: Mark Langdale

February 6, 2017

Most web users will be aware that if you enter you are asked to enter your credit card details or personal information online, you should always check for a padlock sign in the address bar. This indicates that the information you are entering is encrypted before being sent and is therefore less likely to end […]

Read this post »

We’d love to hear from you!

Email us or call 0113 208 9909