According to the data in the "49th Statistical Report on China Internet Development Status" released by the China Network Information Center (CNNIC) in Feb 2022, as of Dec 2021, the number of websites in China is 4.18 million (excluding education websites with .edu.cn domain name). According to Google Certificate Transparency service log data and other third-party statistics, as of Feb 2022, the number of SSL certificates issued in China is 1.14 million, which means that there are still 3.04 million websites without SSL certificates, these sites may basically be virtual hosting websites, and there are also 2.43 million websites by an 80% estimate. Now, blessed are these websites owners. Only need to set CNAME domain name resolution twice to automatically making browsers display the security padlock when users visit these websites, and it will no longer be displayed as "Not secure".
Virtual hosting website owners are all small and medium-sized enterprises or other non-profit organizations. Since the virtual hosting service providers do not provide the installation of SSL certificate services for its users, all browsers will display "Not secure" when users visit these websites. Not only is the website confidential information transmission insecure, but also a kind of online credit loss, especially for international trading companies, which is a huge credit loss, because if foreign buyers visit these websites, if the browser displays "Not secure", 100% of foreign buyers will not trust this website, thus missing many foreign trade orders.
How to do? First, we must understand why the browser shows that the website is "Not secure". This is because this website does not deploy an SSL certificate. Users visit this website using the http cleartext transmission protocol. Any information entered on this website may be illegally stolen and illegal tampering, therefore, in order to protect the user's online security, the browser prompts "Not secure" when the user visits these websites.
After figuring out the reason, you will know what to do. Purchase and apply for an SSL certificate from the CA and deploy it on the website server to implement https encryption. All browsers will not prompt "Not secure” but will display security padlock.
However, the virtual hosting website is that N websites share one host (one IP address), and the virtual hosting service provider does not provide the service of installing an SSL certificate, because this server is shared by N websites and cannot be used for a website alone to install an SSL certificate. Even if these website owners are willing to spend money to buy an SSL certificate, they cannot solve the problem that the website is "Not secure" because they cannot install the SSL certificate. This is the fundamental reason why nearly 3 million websites in China are in a "Not secure" state. Website security for virtual hosting websites has become a forgotten security corner!
How to do? And what to do if the website is virtual hosting that can’t install SSL certificate? ZoTrus Website Security Cloud Service can help. The virtual hosting website owner does not need to apply for an SSL certificate from the CA, but only needs to buy our Website Security Cloud Service, to add a CNAME record to complete the domain name control validation, then modify the domain name resolution record and resolve the www.website domain name CNAME to the specified Alibaba Cloud WAF URL, and then the https encryption and WAF protection can be automatically realized. The whole setting process only takes 10 minutes, and it can quickly eliminate the browser's "Not secure” warning in 10 minutes, and at the same time realize the security protection of the website, completely eliminate the potential security risks of the website being hacked and attacked, website owners can easily enjoy the website security protection, can concentrate on doing their own business, no longer need to worry about the website "Not secure", not only can enhance the trust and confidence of buyers, thereby bringing more online orders, but also protect their valuable customer data from being illegally stolen.
That is to say, users only need to purchase the ZoTrus Website Security Cloud Service, which can benefit both, not only eliminates the browser's "Not secure" warning, but also eliminates the hidden security risks of the website being attacked and helps virtual hosting website owners to enjoy the website security, then to improve the overall security level of Internet.