Most web users will be aware that if you enter you are asked to enter your credit card details or personal information online, you should always check for a padlock sign in the address bar. This indicates that the information you are entering is encrypted before being sent and is therefore less likely to end up in the wrong hands.

You’ll notice that the address of any web page with a padlock icon will start with https:// instead of http:// – for example In order to use https:// in your address you need to have what’s called an “SSL Certificate”.

Web browsers Google Chrome and Firefox have recently set out on a mission to make the web more secure. Any web pages that ask for sensitive information, but don’t have https:// in their address will be marked as insecure (see: Moving towards a more secure web). Crucially for e-learning platforms, this includes any web pages that ask for a password (such as your login area).

If your LMS (Moodle / Totara etc.) is not set up to use https:// in its web address, visitors using Google Chrome or Firefox web browsers will see a crossed out padlock and a notification like this when they try to log in:

Upon seeing this, some users will question the credibility of your platform and it may be enough to put them off using your resources altogether. It is therefore worth taking steps to ensure your platform can use https:// as soon as possible.

Thankfully there are some quick (and free) solutions available.

CloudFlare is a service that we often recommend for clients. It is acts as a firewall for your website / e-learning platform and improves its security and performance. The Free plan also comes with a Shared SSL Certificate, which allows you to use https:// in your website address.

Let’s Encrypt is another free service that provides SSL certificates. It’s a little more complex to implement than CloudFlare, because it requires access to the webserver – but is becoming quite popular on the web.

Both CloudFlare and Let’s Encrypt are available with many web hosting providers (such as DreamHost) and can often be enabled from your dashboard with a few clicks.

If your web hosting has CPanel, look out for this section to enable it:

If you would like any help in ensuring that your platforms such as Moodle, Totara LMS and WordPress handle passwords securely, feel free to get in touch.


By: Andrew Jack

December 19, 2016

‘Giving away’ your knowledge for free has long been used as an inbound marketing tool. The obvious examples being blogs, whitepapers, ebooks, infographics and webinars. Many brands use them as a way of proving their expertise, growing their audience and adding further value to their customers. And of course it’s a great way of demonstrating the […]

Read this post »

By: Andrew Jack

October 30, 2017

Say you’ve been delivering a face-to-face course to a company’s employees for some time now. The participants are engaged in the delivery, it gets great feedback from the participants and your contact at the organisation is delighted with the results. How do you capture the essence of this successful face-to-face course, and deliver it online? […]

Read this post »

By: Andrew Jack

September 19, 2017

At Candle Learning, we help training companies in several ways. One of the more ways we help is in guiding businesses on how to market and sell their new online learning products. Early on in our discovery meetings, we often get asked: “How should we charge customers for our course? One off? Or should we […]

Read this post »

We’d love to hear from you!

Email us or call 0113 208 9909