WHAT DO YOU MEAN BY SECURE?
A lot of folks seem to confuse the concepts of site security
with secure servers. One would hope that a secure server
(one that uses SSL to communicate) is also somewhat secure
from intrusion. The truth is that a secure server will run
just fine on a machine with little or no security (in the
sense of intrusion prevention) on it!
ABOUT PROTOCOLS.
The Internet is based on a collection of services referred
to as Internet Protocols, hence the term you hear quite
often: IP. Each protocol uses its own method of communication,
and a different port number. Some of the more common default
port numbers are:
80. Regular web pages sent via HTTP (Hypertext Transfer Protocol).
25. E-mail is sent via SMTP (Simple Mail Transfer Protocol).
23. Telnet, which is an interactive login session between
a terminal and a server.
Typically, port 443 is used for secure server web pages
that employ an encryption technique based on what is
called the Secure Sockets Layer (SSL).
HOW IS SSL CALLED?
Since port numbers are not normally displayed on the browser
command line, or used in links, the browser has an easy
way to specify which protocol should be used to communicate
with the server. Here are two popular examples:
http://www.site.com/ would be a request
for a regular web page using HTTP.
ftp://www.site.com/ requests FTP (File Transfer Protocol)
access.
Notice that in both examples the server name is the same
(www.site.com). It is the protocol name at the start of the
URL, not the server name, that determines which protocol is used.
Secure Server Pages are requested using a URL starting
with https, such as:
https://www.somedomain.com/
WHAT DOES A SECURE SERVER DO FOR ME?
Operating a secure server (SSL) allows you to conduct
e-commerce or other sensitive exchanges of data with your
visitors in a way that will hopefully make them feel more
comfortable doing business with you.
SSL provides two basic ingredients of security:
Safe Passage of Information: Your data cannot (we hope)
be decoded by any party that might intercept the
communications.
Server Authentication: If your server is granted a certificate
by a CA (Certificate Authority), your customers can protect
themselves from being directed to another server that
is pretending to be yours by checking the contents of
the certificate.
What is a secure server?
When a visitor sends information to your
site, for example, by filling out a form, the secure server
feature encrypts that information while it is in transit
to your site. This keeps the information safe from any
potential prying eyes.
This is especially useful when users are
sending you sensitive data, such as credit card numbers.
By now, you have heard much of the debate over security on
the Internet. If security is an issue for your site (an
example would be accepting credit card payments online)
then you have a need for a secure server. There are several
types, and to discuss them from a technical aspect would
require much more space than is available here. Instead,
let's focus on how they work.
To set up your site as a secure site, there are two basic
requirements. The first is that your site be set up on
a secure server. In English, what this does is "encrypt"
any data sent and received by your site so that if it
were intercepted by an unscrupulous type (i.e., a "hacker")
the data would be useless to them, as it would appear as
a jumble of unintelligible code. This allows your customers
to submit information such as credit card numbers without
fear of them being stolen. The second is that you must
purchase a "digital SSL certificate". This certificate
allows you to verify your identity, privileges or relationship
to another party in an online transaction, in effect telling
the customer that you are who you are representing yourself
to be.
How does it work?
The digital certificate attaches a unique public key to
the identity of the certificate holder. The public key
is one half of a uniquely matched key pair. The other
key is a private key. While the public key is made available
to the public, the private key is kept confidential. Each
key can encrypt and decrypt data. Information encrypted
by one key can only be decrypted by its matched counterpart
in the key pair. Thus, in order to ensure that only the
intended recipient has access to the transmitted message,
the sender encrypts the message using the recipient's
public key. The recipient then decrypts the message using
the matched recipient private key. Similarly, in order
to ensure that the message originated from the claimed
sender, the sender signs the message by encrypting it
with the sender's private key. The recipient verifies
the identity of the sender by decrypting the message with
the sender's public key.
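The key-pair behaviour described above, shown in working code as an added example that is not part of the original page: a toy "textbook" RSA with tiny primes, where what the public key encrypts only the matching private key can decrypt, and what the private key signs anyone holding the public key can verify. The function names, the byte-at-a-time text encoding and the sample primes are this example's own choices; real SSL/TLS uses keys thousands of bits long, padding and hash functions, so this toy illustrates the idea only and must never protect real data.

```python
# Added example (not from the page): toy textbook RSA illustrating the
# public/private key pair described above. Tiny primes, no padding: for
# demonstration only.


def generate_keypair(p, q, e=17):
    """Build an RSA key pair from two primes p and q (assumed prime here).

    Returns (public_key, private_key), each an (exponent, modulus) tuple.
    """
    n = p * q                  # modulus, shared by both keys
    phi = (p - 1) * (q - 1)    # Euler's totient of n
    d = pow(e, -1, phi)        # private exponent: e * d == 1 (mod phi)
    return (e, n), (d, n)


def encrypt(public_key, message):
    """Encrypt an integer message (0 <= message < n) with the public key."""
    e, n = public_key
    if not 0 <= message < n:
        raise ValueError("message must be an integer smaller than the modulus")
    return pow(message, e, n)


def decrypt(private_key, ciphertext):
    """Decrypt with the private key; only the matching key recovers the message."""
    d, n = private_key
    return pow(ciphertext, d, n)


def sign(private_key, message):
    """Sign an integer message with the sender's private key."""
    d, n = private_key
    return pow(message, d, n)


def verify(public_key, message, signature):
    """Check a signature with the sender's public key: True only if it matches."""
    e, n = public_key
    return pow(signature, e, n) == message


def encrypt_text(public_key, text):
    """Encrypt a short ASCII string one byte at a time (toy only; leaks patterns)."""
    return [encrypt(public_key, b) for b in text.encode("ascii")]


def decrypt_text(private_key, blocks):
    """Reverse encrypt_text with the matching private key."""
    return bytes(decrypt(private_key, c) for c in blocks).decode("ascii")


if __name__ == "__main__":
    # Classic textbook parameters: p = 61, q = 53, e = 17 give n = 3233, d = 2753.
    merchant_pub, merchant_priv = generate_keypair(61, 53)

    # Confidentiality: the customer encrypts with the merchant's public key;
    # only the merchant's private key gets the text back.
    blocks = encrypt_text(merchant_pub, "card 4111")   # constructed sample text
    print(decrypt_text(merchant_priv, blocks))

    # Authentication: the merchant signs with its private key; the customer
    # checks with the merchant's public key, and a tampered message fails.
    signature = sign(merchant_priv, 65)
    print(verify(merchant_pub, 65, signature), verify(merchant_pub, 66, signature))
```

With the classic parameters the integer 65 encrypts to 2790, the value found in most textbook walk-throughs, and decrypting 2790 with the private exponent returns 65.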
In order to offer secure online ordering, you must purchase
this certificate. To do so, you must provide the company
supplying the certificate with information proving that
you are operating a legitimate business. Examples of such
information might include your articles of incorporation,
your DBA (Doing Business As) certificate, business license,
partnership documentation, or sole proprietor license.
Nainar Infotainment & Solutions can assist you with
all of the details involved in setting up a secure site.
One item of note is that we can help you obtain a SSL
certificate for your online business through Safe Scrypt,
one of the most respected security providers in India.
An advantage to this certificate is that it will be registered
in your company’s name. In other words, it belongs
to you. Many hosting providers offer "shared SSL"
in which the hosting company actually holds the SSL certificate.
This has the effect of "holding your store hostage"
with that hosting provider. With Nainar Infotainment &
Solutions, your secure site belongs to you!
To see an example of an SSL certificate, do this: the
next time you order online, once you have reached the
secure portion of the site you are ordering from (you
can tell in Netscape or IE by the small padlock closing
at the bottom left of the screen) click on the "Security"
button on your browser. You will see a display similar
to this:
This Certificate belongs to:
www.amazon.com
Software Amazon.com, Inc.
Seattle, Washington, US
This Certificate was issued by:
Secure Server Certification Authority
RSA Data Security, Inc. US
Serial Number: 2A:17:EF:73:97:07:74:7B:E2:4B:FB:61:95:DB:4D:77
This Certificate is valid from Mon May 03, 1999 to
Sat May 20, 2000
Certificate Fingerprint:
60:6B:9E:C2:C6:DA:9A:B1:DF:F0:A6:41:19:28:07:C
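What the browser does with the fields in a display like the one above, as an added example that is not part of the original page: it checks that the name the certificate belongs to matches the site you asked for, and that today's date falls inside the validity period. The sample below is constructed from the fields shown on the page; the dictionary keys, function names and date handling are this example's own, not a browser or library API, and verifying the issuer's signature on the certificate is outside its scope.

```python
from datetime import date, datetime

# Added example (not from the page): the name and validity checks a browser
# makes against the certificate fields shown in the display above.

# Constructed sample built from the fields shown on the page; the keys are
# this example's own naming.
SAMPLE_CERT = {
    "belongs_to": "www.amazon.com",
    "issued_by": "Secure Server Certification Authority, RSA Data Security, Inc.",
    "valid_from": "Mon May 03, 1999",
    "valid_to": "Sat May 20, 2000",
}


def parse_display_date(text):
    """Parse a date in the display's format, e.g. 'Mon May 03, 1999'."""
    return datetime.strptime(text, "%a %b %d, %Y").date()


def check_certificate(cert, requested_host, today_iso):
    """Return a list of problems; an empty list means both checks passed.

    today_iso is the current date as 'YYYY-MM-DD' so the check is repeatable.
    """
    problems = []
    today = date.fromisoformat(today_iso)

    # Server authentication: the certificate must be for the site requested.
    if cert["belongs_to"].lower() != requested_host.lower():
        problems.append(
            f"name mismatch: certificate is for {cert['belongs_to']}, "
            f"you asked for {requested_host}"
        )

    # Validity period: both ends are inclusive calendar days in the display.
    start = parse_display_date(cert["valid_from"])
    end = parse_display_date(cert["valid_to"])
    if today < start:
        problems.append(f"not yet valid: starts {start}")
    if today > end:
        problems.append(f"expired: ended {end}")
    return problems


if __name__ == "__main__":
    print(check_certificate(SAMPLE_CERT, "www.amazon.com", "1999-12-01"))   # []
    print(check_certificate(SAMPLE_CERT, "www.amazon.co.uk", "1999-12-01"))
    print(check_certificate(SAMPLE_CERT, "www.amazon.com", str(date.today())))
```

Run against today's date, the sample reports the certificate as expired, which is exactly the warning a browser would raise for the 1999 certificate shown above.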