Base de connaissances

c99/c100

c99 and c100s are hidden backdoor shells - one of the most common methods used to attack websites with malware. They're placed into the hosting account and allow hackers to access compromised websites whenever they like. Through them they can infect webpages, send out spam email, install phishing pages and worse. Hackers find their targets by identifying a vulnerability on a website (usually an application vulnerability such as XSS or SQL injection). They're hard to find and tricky to delete - only the hacker knows the exact URL location. HackAvert® is your best weapon against c99 and c100 shells.

ccTLD

ccTLD is the abbreviation of Country-Code Top-Level Domain. It is also called geographical domain name extension, and it opposed to gTLD. Some examples of ccTLDs are : .fr, .de, .nl, .it, etc.

Certificate Expiry

The date after which your certificate is no longer trusted and after which users will get 'untrusted site' browser warnings. You can find the date within your certificate or by checking your MySSL® account to see the start and end dates of all your certificates.

Certificate Revocation

If your certificate is revoked, your website will no longer be trusted and site visitors will get browser warnings telling them not to trust your site. Certification Authorities can revoke your certificate remotely, in the case of misuse for instance, or non-payment of certificates issued on credit.

Certificate Signing Request

CSR means “Certificate Signing Request”. It is a block of encrypted code containing information regarding you and/or your business, as well as your public key. Each CSR is unique, and only works for the private key generated with it.
See more here.

Certification Authority (CA)

SSL247®'s digital certificates are provided by Certification Authorities (CAs). Symantec, Thawte, GlobalSign, GeoTrust and RapidSSL are all stock-exchanged listed CAs who own their own stable, trusted roots. They will do security checks before issuing the certificate, unlike lesser CAs that we do not stock. Symantec, Thawte, GeoTrust, GlobalSign and RapidSSL have never issued a certificate for a fraudulent applicant. Find out more about the certificates offered by these Certification Authorities

Chained Root

A chained root requires the CA root to already be installed on your server. All SSL certificates are moving towards chained root installation, and away from single root- as chained root provides extra layers of security compared to single.

CHECK certified

Companies belonging to the CHECK scheme are measured against high standards set by CESG (the Information Security arm of GCHQ (Government Communications Headquarters)). This ensures that organisations with this certification practice the highest level of quality in all aspects of the security testing life-cycle. SSL247^® can ensure that all of our special partner's Penetration Testers are highly qualified CHECK certified testers.

Checksum

A checksum is a value used to ensure data is stored or transmitted without error. The errors are typically very small, for example, a single incorrect bit. But even such small errors can greatly affect the quality of data, and even make it useless.

Cloud Solution

A cloud solution refers to a program or software which is hosted on a server, and which operates directly from it. There is no hardware and no installation required, as the program/software runs independently.

Code signing

Code Signing digitally signs your code, enabling you to distribute it securely. It ensures that your program has come from a valid software publisher and has not been altered by anyone in between to inject spyware or malware into the otherwise legitimate code. CODESIGNING

Cookie

A cookie is a small text file placed on your computer when you visit a website. The main purpose of cookies is identify you and your preferences, to possibly prepare customised Web pages when you revisit that website. They are not programs and cannot read your hard drive or cause damage to your computer.

CPS (Certification Practice Statement)

The CPS is a document published by the CA (Certification Authority)  and sets out the practices and policies employed by the organisation in issuing, managing and revoking their digital certificates. CAs chosen by SSL247® have their own CPS available : Symantec , GeoTrust , Thawte , GlobalSign and RapidSSL.

CRL (Certificate Revocation List)

The CRL (Certificate Revocation List) is a digitally signed data file containing details of every digital certificate that has been revoked by that CA (Certification Authority). The CRL can be downloaded and installed into a user's browser and ensures that the browser will not trust any revoked digital certificates. The CAs chosen by SSL247® have their own CPS available: Symantec, GeoTrust, Thawte.

Cross-Certification

A cross-signed certificate is usually issued to simplify the building and verification of certification paths containing certificates issued by CAs. GlobalSign ExtendedSSL certificate is cross signed for instance. To create your CSR