I need advice about spouse's web hosting service.

My spouse runs a small publishing company from our home.

We have mid priced web hosting service - one that over the years has been beaten out in price by other, better web hosts.

We keep making the decision each September to stick with them as otherwise we lose our emails related to the business.

This December, he released a new product, that should have netted us IMMEDIATELY some $ 1,500 or more in sales.

But little trickled in. Local buyers of our books called us on our personal phone number to tell us that they were having trouble making payments, and doing downloads.

We investigated and we found out something disturbing - despite the cost of the web hosting service, when a customer places an order, it is more than likely they receive a security warning from their web security shield that the site they are ordering from isn't secure.

Upon further talking to the web hosting company, they said to simply tell customers to ignore these messages. They explained that the reason for these messages is that we never had paid an extra $ 200 for our customers' purchases to have a separate certificate from our firm and that without that separate certificate, our firm is "sharing" security certificates with other firms - and thus is detected by customers' users as being insecure. They seemed unconcerned about the trouble this has cost us - and quite insistent that their method of letting companies "share" security certificates was no big deal.

So I am very angry right now. First of all, why didn't the company make this clear to us years ago? Second of all, why should we pay more to have a security certificate that is not shared? My web hosting service which is cheaper than the spouse's, does this for me for much less than the fee we are already paying for his web hosting service.


I have no idea how much money we have lost to date over this.

What do you think?

the a server. But... This is not my area and I will just put out some links for info. The first link is to DU Web Page forum as this question falls more in that area than this one.

DU
<http://www.democraticunderground.com/discuss/duboard.php?az=show_topics&forum=288>

Thawte
<http://www.thawte.com/products/index.html?sl=t92310386410000007&gclid=COK2-b22xZ8CFeh_5QodhR9lyw>

Verisign
<https://www.verisign.com/ssl/index.html?sl=t72980167100000002&gclid=CMzTg720xZ8CFdx05QoddzLazg>

I hope this helps.

M. did take on the web hosting Goliath again today, and we did come to a bit better agreement with them, in that the fees will be waived due to losses we took.

But I am undertaking trying to understand all the in's and out's of these types of situations.

I also believe that it's pretty common for small ecommerce sites to work this way, because the SSL certificates seem to be expensive and most people don't want to purchase one if their web host already has one that they can use.

From my (limited) understanding, the only difference is the name on the certificate, and perhaps by publishing something on your site in the ordering section, if you state this and then the customer sees that the certificate has the name that you say it should (the web host company) then they may not be reluctant to order. At least they'll know that there's no hijacking going on.

I know it doesn't help with the orders you've lost, but it's just something to be aware of.

Your email stays with your domain name no matter who your host is. Sure there might be a short period of time before you could get email setup on the new hosting site, but your mail would be redirected to the new hosting service with the same email address.

.

If we pulled out from one site and moved to the other?

We occassionally get offers from larger Publishers to buy our products - and it would be awful to lose an offer because we were down for a period of time. There is no way we can know who would be contacting us - the people in Germany who bought out his German rights are not people we had approached - so if we had been down back in Dec of '06, we would have lost that opportunity.

And of course, maybe the email floats in cyber space so it wouldn't even be lost?

I've changed providers a few times and they always say it may take 24-48 hours for your new site to "propagate", meaning become available to all on the internet, but my experience is that it really takes no more than a few hours before it works.