Logo symbol

SEO Boost Club

Content Management

Domain Management

Technical Documentation

Website Management

Essential Guide to SSL Security & Website Protection

Essential Guide to SSL Security & Website Protection

By Michael Chen

December 17, 2024 at 04:30 AM

SSL certificates automatically protect all correctly pointed domains to your Squarespace site, enhancing security by preventing unauthorized access and data theft.

Mandatory Requirements

SSL certificates automatically cover:

  • Squarespace domains
  • Connected third-party domains
  • Subdomains
  • Integrated domains

Requirements for SSL certificate activation:

  • Third-party domains must be properly connected
  • Squarespace domains must point to a Squarespace site
  • Domain names must be 63 characters or less

Checking SSL Status

Verify your SSL certificate by:

  1. Checking domain dashboard for "Issued" status
  2. Confirming "Active" status in SSL panel
  3. Visiting your site with HTTPS

SSL Settings

To modify SSL settings:

  1. Open SSL panel
  2. Choose security preferences
  3. Click Save

Recommended settings:

  • Use "Secure" option (default)
  • Enable HSTS Secure policy
  • Allow up to 72 hours for changes to take effect

Security Features

Secure setting ensures:

  • Automatic HTTPS redirection
  • HTTPS sitemaps
  • SEO benefits
  • Compatibility with modern browsers

HSTS Security:

  • Encrypts connections
  • Prevents site impersonation
  • Eliminates "connection not private" errors

Squarespace Security Warning

Squarespace Security Warning

Commerce Security

Checkout pages feature:

  • Level 1 PCI compliance
  • 128-bit SSL encryption
  • Secure processing regardless of site SSL settings
  • Custom domain display for Base/Advanced Commerce plans

Technical Specifications

  • Provider: Let's Encrypt DV certificates
  • Renewal: Every 90 days
  • Encryption: 2048-bit (except checkout)
  • Protocol: TLS 1.2
  • No HPKP support
  • Automatic certificate generation

Benefits of SSL

  • Enhanced visitor trust
  • Data encryption
  • Improved site performance
  • Better SEO rankings
  • Protection against hackers
  • Secure form submissions

Troubleshooting

For certificate errors or warnings:

  • Verify domain connection
  • Check DNS records
  • Ensure proper SSL setting configuration
  • Allow sufficient time for changes to propagate
  • Contact support for persistent issues

SSL certificates cannot be disabled but can be set to "Unsecured" if necessary, though this isn't recommended for optimal security.

Technical Documentation

Website Security

SSL Certificates

Related Articles

Website Launch Checklist: The Complete Guide to Going Live

Website Launch Checklist: The Complete Guide to Going Live

Essential Site Launch Checklist: Steps to Ensure Your Website is Ready to Go Live

Essential Site Launch Checklist: Steps to Ensure Your Website is Ready to Go Live

Previous Articles

Complete Guide to SSL Certificates and Security

12/17/2024

How SSL Certificates Secure Your Website: A Complete Guide

12/17/2024