When should I use SSL on my web server?

The following list offers situations for which using Secure Sockets Layer (SSL) is appropriate, and can help you decide whether to use SSL on your web server. It is not an exhaustive list, and you may encounter other situations when using SSL would be appropriate.

You should use SSL when transmitting the following types of data:

  • Authentication data (e.g., passwords, session cookies)
  • Data that data stewards have classified as non-public
  • Data that needs to be protected from modification on its way to or from the server (e.g., user input or a result set from the server)

It is important to remember that although SSL can protect the flow of information between your server and a web browser, using SSL does not offer any additional system level security. You must maintain a rigorous security program in order to ensure that your server is secure; see Tips for staying safe online.

This is document alwg in the Knowledge Base.
Last modified on 2017-12-07 15:42:37.

Contact us

For help or to comment, email the UITS Support Center.