We used to use Heart at work. Once upon a time they were fairly decent but now they're terrible. Usual story, they got bought out then swiftly went down hill. Check out Krystal hosting.
Cheap and simple SSL cert for website?
- Thread starter dtokez
- Start date
We used to use Heart at work. Once upon a time they were fairly decent but now they're terrible. Usual story, they got bought out then swiftly went down hill. Check out Krystal hosting.
I've had many dealings with Heart, and yeah, they force you to use their own SSL. They also have a bug in their system that if you renew the SSL early, it doesn't update the expiry date in their own internal system and thus they don't auto-renew it the next year/ send you reminders - so make sure you keep records of the expiry yourself. They said their developers are looking into it, but who knows.
I recommend using the free cloudflare SSL.
I also use Krystal for my hosting, they offer Lets Encrypt and I haven't had any issues with their hosting over the years.
cheers for all the help guys.
I plan on moving, but at the same time, I'm doing a redesign. My plan is to purchase a new hosting plan (Krystal look good) and set up a new site, then only move my domain over from heart (not sure how to go about this) once it's ready to go live.
Any tips on doing this? How would I work on a new site without a domain name? I do have other domain names that I could move from heart and use temporarily but not sure how much is involved?
I plan on moving, but at the same time, I'm doing a redesign. My plan is to purchase a new hosting plan (Krystal look good) and set up a new site, then only move my domain over from heart (not sure how to go about this) once it's ready to go live.
Any tips on doing this? How would I work on a new site without a domain name? I do have other domain names that I could move from heart and use temporarily but not sure how much is involved?
Man of Honour
You could get hosting setup for the domain and edit your system's hosts file so it thinks the domain is running from the new server? Then install a self-signed SSL (cPanel should by default) so you can get it all setup with https://
As for hosting choice....Trustpilot is usually a good guide.
Krystal do have lots of good reviews but recently they imposed large price hikes on (some of...) their Smart Hosting clients and, frankly, are treating their clients with almost unbelievable contempt:
https://www.trustpilot.com/review/bestwebhosting.co.uk
There were even more unprofessional replies (including one offering a client a full refund of every penny ever spent with Smart so that the client could move to a "lesser provider") but they've been removed.
If any of my staff ever talked to customers like this they'd be fired!
As for hosting choice....Trustpilot is usually a good guide.
Krystal do have lots of good reviews but recently they imposed large price hikes on (some of...) their Smart Hosting clients and, frankly, are treating their clients with almost unbelievable contempt:
https://www.trustpilot.com/review/bestwebhosting.co.uk
Trustpilot review reply said:
There were even more unprofessional replies (including one offering a client a full refund of every penny ever spent with Smart so that the client could move to a "lesser provider") but they've been removed.
If any of my staff ever talked to customers like this they'd be fired!
I'm a bit lost by this I'm afraid mate. I guess it's possible to buy a hosting package without a domain name? Whats the host file, I thought that was something stored on local machines? Thanks for the help
Man of Honour
So buy the hosting as normal (eg with the real domain), then on your PC, trick it into thinking the new account runs the domain:
https://www.howtogeek.com/howto/27350/beginner-geek-how-to-edit-your-hosts-file/
Or to use a random other domain instead, buy an account for that and build the site on the random domain - you'll need to update the nameservers at Heart to point it to the new hosting.
Then use this plugin to update the WordPress site to the right domain when you're ready:
https://en-gb.wordpress.org/plugins/go-live-update-urls/
Soldato
Most hosting packages have a domain name for accessing it. If i set up a new website on my 1and1 account, for example, it'll get a domain something like s1234536423242.websitehome.1and1.com
You can build your new website using this domain, then using the plugin linked above set it up to use your real domain when you're ready for it to go live.
You'll also need to change the DNS settings of your domain name to point to the IP Address of the new host.
I prefer not to use the hosts file for building the site on the real domain because I invariably forget about it at some point and make a change to the wrong version of the site somewhere. It's particularly hard doing it this way if you want to access both sites at once - if you want to copy content from the old one or something.
You can build your new website using this domain, then using the plugin linked above set it up to use your real domain when you're ready for it to go live.
You'll also need to change the DNS settings of your domain name to point to the IP Address of the new host.
I prefer not to use the hosts file for building the site on the real domain because I invariably forget about it at some point and make a change to the wrong version of the site somewhere. It's particularly hard doing it this way if you want to access both sites at once - if you want to copy content from the old one or something.
Last edited:
Associate
- Joined
- 17 Nov 2007
- Posts
- 107
Letsencrypt certificates auto-renew themselves via the (supplied) certbot app which can be run using (e.g.) crontab on Linux.
Soldato
For the first times in yonks I'm adding an SSL for a client with their own Heart Internet account. Heart Internet clearly force you to use their paid SSLs, the cheapest of which at the moment £40.00 +vat per year.
Complete daylight robbery imo.
To complicate things, the site forces the none www. version of the domain, so the SSL needs to cover site.co.uk, but not www.site.co.uk. Heart Internet's system cannot handle this. So for the last 4 hours I've been talking to Heart via their ticketing system (they're soooo slow to reply) and they're now manually putting the order through.
As a developer, I hate this kind of nonsense. Nowadays LetsEncrypt is a standard. On my cPanel based and AWS server I can renew an SSL in a couple of minutes.
Complete daylight robbery imo.
To complicate things, the site forces the none www. version of the domain, so the SSL needs to cover site.co.uk, but not www.site.co.uk. Heart Internet's system cannot handle this. So for the last 4 hours I've been talking to Heart via their ticketing system (they're soooo slow to reply) and they're now manually putting the order through.
As a developer, I hate this kind of nonsense. Nowadays LetsEncrypt is a standard. On my cPanel based and AWS server I can renew an SSL in a couple of minutes.
Permabanned
- Joined
- 9 Aug 2008
- Posts
- 35,707
Soldato
If you do end up having to buy one we used to use PositiveSSL - 4 years is $15.
Another option would be to run with the default self-signed cert on your host (slightly naughty) then put Cloudflare upfront. All you have to do is move your nameserver to them then re-add your hosts IP address onto their DNS page. All your sites traffic will bounce through their network, which hides your hosts real IP and also gives you a simple geolocation load balancer (so a user in Australia will connect to Cloudflare's Australia datacentre then CF will make the connection to your website), caching of stylesheets/javascript on servers close to the user and DDoS protection too. The free tier would be all you need.
They issue their own certificate for your site so users will see a CloudFlare cert if they look.
edit: should have properly read that everyone else recommended them too
Another option would be to run with the default self-signed cert on your host (slightly naughty) then put Cloudflare upfront. All you have to do is move your nameserver to them then re-add your hosts IP address onto their DNS page. All your sites traffic will bounce through their network, which hides your hosts real IP and also gives you a simple geolocation load balancer (so a user in Australia will connect to Cloudflare's Australia datacentre then CF will make the connection to your website), caching of stylesheets/javascript on servers close to the user and DDoS protection too. The free tier would be all you need.
They issue their own certificate for your site so users will see a CloudFlare cert if they look.
edit: should have properly read that everyone else recommended them too
Last edited: