SlideShare a Scribd company logo

Facebook Apps & SSL Certificate - Enhance Advance user Security

Download as PPTX, PDF
CheapSSLsecurity
CheapSSLsecurity

Facebook Apps and SSL Certificate, Know how to secure Facebook application using SSL certificate and which SSL certificate is need to secure Facebook app.

Technology
1 of 12
Facebook Apps & SSL Certificate Enhance Advance user Security
Facebook planned to Enhance better user security • Today, in the wake of daily Data Breaches & Cyber Attacks, everyone from website admin to network security experts to millions of users around the world are worried about the security of their private data. 2014 seems to have become the year of data breaches, as millions of users’ login credentials and sensitive information have been stolen via attacks. In the fight against breaches, it’s all about web security. • Social networking giant Facebook is also worried about its users’ security, which is why, back in May 2011, they announced that every site and app has to migrate to oAuth 2.0 by Sep 1 2011 & to HTTPS (Validation with an SSL certificate) by Oct 1 2011. • Basically, all Facebook applications must be secured with oAuth 2.0 and an SSL certificate.
Why SSL Certificate is prerequisite for Facebook Apps? Every individual web platforms request their users for credentials when they try to access any social networking websites or other websites with credentials. However, visiting websites contain suitable SSL certificate security installed then it would be more comfortable and flexible environment to users for their future transactions over the web. The strong and the toughest encryption algorithm prevent unauthorized access while communicating any web platform through credentials on the Internet. Facebook Application priority request user’s data such as name, email address, birth date, etc… and all those information crucial as per user’s perspective and user’s always believes their information security on the priority before they involve their self into applications. Facebook has already started its new revolution and it’s called “Each Facebook App must be secured with HTTPS”.
Which SSL Certificate is required for my Facebook App? This question may arise in every Facebook app developer’s mind when deciding which SSL will be best for their app. There are many SSL certificates available on the market, so you’ll want to make sure to choose the right one to run your app successfully. Selecting the perfect SSL certificate for your Facebook application depends on the location of the directory.
(1) If Facebook app is in Sub Directory If your Facebook application is located in the sub directory • yourdomain.com/fb-app-1 • yourdomain.com/fb-app-2 • yourdomain.com/fb-app-3 Technically, Domain Validated (DV) SSL certificates protects any sub-directory based Facebook Application as per security industry experts.
(2) If Facebook App is in Sub-Domain If you own multiple Facebook apps and you have located all apps in sub-domains. Such as… • fb-app-1.yourdomain.com • fb-app-2.yourdomain.com • fb-app-3.yourdomain.com, etc…) then you required a wildcard SSL Certificate as you need to protect all your sub-domains with single certificate. As per web security analyst, the applications located in the formation of sub-domains were secured by COMODO positive SSL wildcard or RapidSSL Wildcard Certificate. Both of this Certificate Authority (CA) had already secured plenty of Facebook Applications with hardest has an algorithm of 256 bit. They are being trusted to all 99.99% mobile and desktops based web browsers.
(3) If Facebook app is with Multiple Domains If you own multiple Facebook apps which hosted with different names &located in different locations such of your server such as… • yourdomain-1.com/fb-app1 • yourdomain-2.net/fb-app2 • yourdomina-3.apps/fb-app4, etc…. then you must need an SSL which offers security of both multiple domains & sub-domains. Comodo UCC (Unified Communication Certificate) or Comodo Positive Multi-domain Wildcard SSL Certificate are the perfect choice, users allows to secure fully qualified multiple domains and unlimited sub-domains.
(4) Facebook Apps that handles Transactions If you have a Facebook application that handles transactions and/or processes sensitive data, then we would recommend a higher security SSL certificate that also provides more apparent trust indicators, such as an EV SSL Certificate. We would suggest either a Comodo EV SSL or a GeoTrust True BusinessID with EV SSL Certificate.
How do I secure my Facebook Application? Before setting up your SSL certificate into your Facebook application, please make sure you have completed following: • Ensure that your new certificate has been issued by a trusted Certificate Authority (CA). This also means that your certificate is “active.” • Make sure you generate a CSR Code – which will come from your server. For more information on CSR Generation and tool - click here. • Allocate a Dedicated IP address (You app must be hosted on a dedicated IP address) for you application • Install SSL certificate on your server. Here’s the SSL Certificate installation guide for Different servers and OS that may help you to install SSL - http://bit.ly/SSL-Installation-Guide. Once SSL certificate installation process completes, the very next process is copy Canvas URL and Page Tab URLs.
Securing you Facebook Canvas URL& Page tab URL. • First login in to your Facebook account and visit https://developers.facebook.com. • Click on the Apps tab and select the App that you wish to secure • Now click on Settings • Here in Facebook Canvas update the Secure Canvas URL with your server location of your application. • Now move to Page Tab, here you need to update the secure Page Tab URL with server location of your index file.
What if my Facebook App is not secured using SSL Certificate Facebook has already announced, every application must have secure connection with HTTPS (validated with SSL Certificate) in every category of applications. However, the app without HTTPS connection will be placed into the sandbox as per Facebook Application Guideline, and the following application without SSL certificate will not update to live status until it migrates to Auth 2.0 & HTTPS.
For More Information SSL Certificate for Facebook Apps Blog: cheapsslsecurity.com/blog Facebook: CheapSSLSecurities Twitter: SSLSecurity Google Plus: +Cheapsslsecurity

Recommended

How to disable SSLv3 in Chrome Firefox IE
How to disable SSLv3 in Chrome Firefox IEHow to disable SSLv3 in Chrome Firefox IE
How to disable SSLv3 in Chrome Firefox IE
CheapSSLsecurity
 
Beyonce
BeyonceBeyonce
Beyonce
PRESENTATIONSFORESL
 
Building a Security Framework for Websites
Building a Security Framework for WebsitesBuilding a Security Framework for Websites
Building a Security Framework for Websites
Tony Perez
 
WordPress Security Begins With Good Posture
WordPress Security Begins With Good PostureWordPress Security Begins With Good Posture
WordPress Security Begins With Good Posture
Tony Perez
 
Hacked - What do you do now?
Hacked - What do you do now?Hacked - What do you do now?
Hacked - What do you do now?
Tony Perez
 
WordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of SecurityWordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of Security
Tony Perez
 
WordPress Website Security - Trends, Threats, Defenses
WordPress Website Security - Trends, Threats, DefensesWordPress Website Security - Trends, Threats, Defenses
WordPress Website Security - Trends, Threats, Defenses
Tony Perez
 
Facebook security
Facebook securityFacebook security
Facebook security
PRESENTATIONSFORESL
 

Recommended

How to disable SSLv3 in Chrome Firefox IE
How to disable SSLv3 in Chrome Firefox IEHow to disable SSLv3 in Chrome Firefox IE
How to disable SSLv3 in Chrome Firefox IE
CheapSSLsecurity
 
Beyonce
BeyonceBeyonce
Beyonce
PRESENTATIONSFORESL
 
Building a Security Framework for Websites
Building a Security Framework for WebsitesBuilding a Security Framework for Websites
Building a Security Framework for Websites
Tony Perez
 
WordPress Security Begins With Good Posture
WordPress Security Begins With Good PostureWordPress Security Begins With Good Posture
WordPress Security Begins With Good Posture
Tony Perez
 
Hacked - What do you do now?
Hacked - What do you do now?Hacked - What do you do now?
Hacked - What do you do now?
Tony Perez
 
WordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of SecurityWordPress Security 2014 - The Basics of Security
WordPress Security 2014 - The Basics of Security
Tony Perez
 
WordPress Website Security - Trends, Threats, Defenses
WordPress Website Security - Trends, Threats, DefensesWordPress Website Security - Trends, Threats, Defenses
WordPress Website Security - Trends, Threats, Defenses
Tony Perez
 
Facebook security
Facebook securityFacebook security
Facebook security
PRESENTATIONSFORESL
 
What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple Examples
CheapSSLsecurity
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
CheapSSLsecurity
 
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorHow to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
CheapSSLsecurity
 
Apache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting GuideApache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting Guide
CheapSSLsecurity
 
Multi Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurityMulti Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurity
CheapSSLsecurity
 
Various Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolVarious Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and Keytool
CheapSSLsecurity
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
CheapSSLsecurity
 
Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017
CheapSSLsecurity
 
The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018
CheapSSLsecurity
 
Is your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if notIs your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if not
CheapSSLsecurity
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You Safe
CheapSSLsecurity
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
CheapSSLsecurity
 
Quantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out forQuantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out for
CheapSSLsecurity
 
Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22
CheapSSLsecurity
 
Hashing vs Encryption vs Encoding
Hashing vs Encryption vs EncodingHashing vs Encryption vs Encoding
Hashing vs Encryption vs Encoding
CheapSSLsecurity
 
Understanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by SymantecUnderstanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by Symantec
CheapSSLsecurity
 
Thawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains SecurityThawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains Security
CheapSSLsecurity
 
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of BlacklistingShift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
CheapSSLsecurity
 
Microsoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to knowMicrosoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to know
CheapSSLsecurity
 
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurityComodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
CheapSSLsecurity
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
Rafal Los
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
HampshireHUG
 

More Related Content

More from CheapSSLsecurity

More from CheapSSLsecurity (20)

What is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple ExamplesWhat is Asymmetric Encryption? Understand with Simple Examples
What is Asymmetric Encryption? Understand with Simple Examples
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
 
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH ErrorHow to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
How to Fix ERR_SSL_VERSION_OR_CIPHER_MISMATCH Error
 
Apache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting GuideApache Server: Common SSL Errors and Troubleshooting Guide
Apache Server: Common SSL Errors and Troubleshooting Guide
 
Multi Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurityMulti Domain Wildcard Features explained by CheapSSLsecurity
Multi Domain Wildcard Features explained by CheapSSLsecurity
 
Various Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and KeytoolVarious Types of OpenSSL Commands and Keytool
Various Types of OpenSSL Commands and Keytool
 
What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?What is Certificate Transparency (CT)? How does it work?
What is Certificate Transparency (CT)? How does it work?
 
Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017
 
The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018The Top Five Cybersecurity Threats for 2018
The Top Five Cybersecurity Threats for 2018
 
Is your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if notIs your business PCI DSS compliant? You’re digging your own grave if not
Is your business PCI DSS compliant? You’re digging your own grave if not
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You Safe
 
How Hashing Algorithms Work
How Hashing Algorithms WorkHow Hashing Algorithms Work
How Hashing Algorithms Work
 
Quantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out forQuantum Computing vs Encryption: A Battle to Watch Out for
Quantum Computing vs Encryption: A Battle to Watch Out for
 
Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22Symantec (ISTR) Internet Security Threat Report Volume 22
Symantec (ISTR) Internet Security Threat Report Volume 22
 
Hashing vs Encryption vs Encoding
Hashing vs Encryption vs EncodingHashing vs Encryption vs Encoding
Hashing vs Encryption vs Encoding
 
Understanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by SymantecUnderstanding SSL Certificate for Apps by Symantec
Understanding SSL Certificate for Apps by Symantec
 
Thawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains SecurityThawte Wildcard SSL Certificates – Enable Sub-Domains Security
Thawte Wildcard SSL Certificates – Enable Sub-Domains Security
 
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of BlacklistingShift to HTTPS and Save Your Website from the Wrath of Blacklisting
Shift to HTTPS and Save Your Website from the Wrath of Blacklisting
 
Microsoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to knowMicrosoft Exchange Server & SSL Certificates: Everything you need to know
Microsoft Exchange Server & SSL Certificates: Everything you need to know
 
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurityComodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
Comodo Multi Domain SSL Certificate: Key Features by CheapSSLsecurity
 

Recently uploaded

IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 

Recently uploaded (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Facebook Apps & SSL Certificate - Enhance Advance user Security

  • 1. Facebook Apps & SSL Certificate Enhance Advance user Security
  • 2. Facebook planned to Enhance better user security • Today, in the wake of daily Data Breaches & Cyber Attacks, everyone from website admin to network security experts to millions of users around the world are worried about the security of their private data. 2014 seems to have become the year of data breaches, as millions of users’ login credentials and sensitive information have been stolen via attacks. In the fight against breaches, it’s all about web security. • Social networking giant Facebook is also worried about its users’ security, which is why, back in May 2011, they announced that every site and app has to migrate to oAuth 2.0 by Sep 1 2011 & to HTTPS (Validation with an SSL certificate) by Oct 1 2011. • Basically, all Facebook applications must be secured with oAuth 2.0 and an SSL certificate.
  • 3. Why SSL Certificate is prerequisite for Facebook Apps? Every individual web platforms request their users for credentials when they try to access any social networking websites or other websites with credentials. However, visiting websites contain suitable SSL certificate security installed then it would be more comfortable and flexible environment to users for their future transactions over the web. The strong and the toughest encryption algorithm prevent unauthorized access while communicating any web platform through credentials on the Internet. Facebook Application priority request user’s data such as name, email address, birth date, etc… and all those information crucial as per user’s perspective and user’s always believes their information security on the priority before they involve their self into applications. Facebook has already started its new revolution and it’s called “Each Facebook App must be secured with HTTPS”.
  • 4. Which SSL Certificate is required for my Facebook App? This question may arise in every Facebook app developer’s mind when deciding which SSL will be best for their app. There are many SSL certificates available on the market, so you’ll want to make sure to choose the right one to run your app successfully. Selecting the perfect SSL certificate for your Facebook application depends on the location of the directory.
  • 5. (1) If Facebook app is in Sub Directory If your Facebook application is located in the sub directory • yourdomain.com/fb-app-1 • yourdomain.com/fb-app-2 • yourdomain.com/fb-app-3 Technically, Domain Validated (DV) SSL certificates protects any sub-directory based Facebook Application as per security industry experts.
  • 6. (2) If Facebook App is in Sub-Domain If you own multiple Facebook apps and you have located all apps in sub-domains. Such as… • fb-app-1.yourdomain.com • fb-app-2.yourdomain.com • fb-app-3.yourdomain.com, etc…) then you required a wildcard SSL Certificate as you need to protect all your sub-domains with single certificate. As per web security analyst, the applications located in the formation of sub-domains were secured by COMODO positive SSL wildcard or RapidSSL Wildcard Certificate. Both of this Certificate Authority (CA) had already secured plenty of Facebook Applications with hardest has an algorithm of 256 bit. They are being trusted to all 99.99% mobile and desktops based web browsers.
  • 7. (3) If Facebook app is with Multiple Domains If you own multiple Facebook apps which hosted with different names &located in different locations such of your server such as… • yourdomain-1.com/fb-app1 • yourdomain-2.net/fb-app2 • yourdomina-3.apps/fb-app4, etc…. then you must need an SSL which offers security of both multiple domains & sub-domains. Comodo UCC (Unified Communication Certificate) or Comodo Positive Multi-domain Wildcard SSL Certificate are the perfect choice, users allows to secure fully qualified multiple domains and unlimited sub-domains.
  • 8. (4) Facebook Apps that handles Transactions If you have a Facebook application that handles transactions and/or processes sensitive data, then we would recommend a higher security SSL certificate that also provides more apparent trust indicators, such as an EV SSL Certificate. We would suggest either a Comodo EV SSL or a GeoTrust True BusinessID with EV SSL Certificate.
  • 9. How do I secure my Facebook Application? Before setting up your SSL certificate into your Facebook application, please make sure you have completed following: • Ensure that your new certificate has been issued by a trusted Certificate Authority (CA). This also means that your certificate is “active.” • Make sure you generate a CSR Code – which will come from your server. For more information on CSR Generation and tool - click here. • Allocate a Dedicated IP address (You app must be hosted on a dedicated IP address) for you application • Install SSL certificate on your server. Here’s the SSL Certificate installation guide for Different servers and OS that may help you to install SSL - http://bit.ly/SSL-Installation-Guide. Once SSL certificate installation process completes, the very next process is copy Canvas URL and Page Tab URLs.
  • 10. Securing you Facebook Canvas URL& Page tab URL. • First login in to your Facebook account and visit https://developers.facebook.com. • Click on the Apps tab and select the App that you wish to secure • Now click on Settings • Here in Facebook Canvas update the Secure Canvas URL with your server location of your application. • Now move to Page Tab, here you need to update the secure Page Tab URL with server location of your index file.
  • 11. What if my Facebook App is not secured using SSL Certificate Facebook has already announced, every application must have secure connection with HTTPS (validated with SSL Certificate) in every category of applications. However, the app without HTTPS connection will be placed into the sandbox as per Facebook Application Guideline, and the following application without SSL certificate will not update to live status until it migrates to Auth 2.0 & HTTPS.
  • 12. For More Information SSL Certificate for Facebook Apps Blog: cheapsslsecurity.com/blog Facebook: CheapSSLSecurities Twitter: SSLSecurity Google Plus: +Cheapsslsecurity