Add SSL certificate on CPV Lab Pro instance

What is an SSL?

  • An SSL Certificate (Secure Sockets Layer), also called a Digital Certificate, creates a secure link between a website and a visitor's browser. By ensuring that all data passed between the two remains private and secure, SSL encryption prevents hackers from stealing private information such as credit card numbers, names and addresses.
  • CPV Lab Pro version 4.0 was created and optimized to work both with and without an SSL certificate installed on the server, but we recommend using an SSL certificate if possible.

How to install an SSL?

  • You can install an SSL certificate on your CPV Lab Pro server and that will make all Campaign URLs, base redirect pages and tracking pixels start with “https://” and this will also display the “Secure” mark and padlock in browsers:

    SSL Certificate in browser

  • There are many types of SSL certificates offered by leading certificate authorities, you can purchase any one of them. You can also check to see if your webhost has SSL certificates in their offer.

Most of the times the webhost will also handle the certificate installation on your server.

  • You can verify that the certificate was installed by calling the Login page from your CPV Lab Pro instance using “https://” instead of “http://”:

    https://cpvlabprodomain.com/login.php

    • If the browser address bar shows the Secure green padlock, then the SSL certificate is installed correctly. Y
    • You should use the “https” version of the login page from now on. Now login and navigate through the CPV Lab Pro pages to make sure the “Secure” mark remains in the browser.

How to redirect traffic to "https://" ?

  • You can now create a rule that will automatically redirect http traffic to the corresponding https pages.

    • There are many ways to do this, but we had the most success with a few redirect lines added in the .htaccess file from the CPV Lab Pro location.

    • You can edit the .htaccess file and append the lines below to the end of the .htaccess file, then save it and upload the file again on the server.

    • Make sure you are editing the .htacess file from the root folder of CPV Lab Pro and not other .htaccess file from your server.

    • If you have CPV Lab Pro installed on domain or subdomain use the code below:

    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
    
    • If you have CPV Lab Pro installed in a subdirectory, use the code below and replace 'subdirectory' with the actual name of the subdirectory from your server:
    RewriteEngine On
    RewriteCond %{HTTPS} !=on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/subdirectory/$1 [R,L]
    
  • If you don’t setup such a rule to redirect http traffic to https, then you will have to modify all the old CPV Lab Pro links that are pointing to the http version.

    • You need to replace http:// with https:// in all of you CPV Lab Pro links:
      • Campaign URLs - need to change them at your traffic sources
      • base2.php & base3.php redirect pages from all your campaigns landing pages
      • Step 2 code that was added in the landing pages
      • tracking pixels or postback URLs entered at your offer sources.

Free Let’s Encrypt certificate

  • Let’s Encrypt is a free certificate authority that offers free SSL certificates valid for 90 days.

    • If you don’t want to buy an SSL certificate, then this is a good option for a basic SSL certificate, with the disadvantage of having to renew the certificate every 90 days.
  • Some hosting companies offer Let’s Encrypt integration through cPanel which makes it easy to install a free Let’s Encrypt SSL certificate on your server and sometimes even an automatic renewal process is offered.

    • You need to check with your webhost about the possibility to install the free Let’s Encrypt certificate on your server.