We are now able to offer secure dashboards to all our Agency users. This will allow you to host your users' admin panel and login/signup pages on secure url.
The setup process for this is slightly more involved than any of the other Agency setups steps and is entirely optional (however we do recommend it as it provides a better more secure environment for your Agency customers).
This post outlines the setup and what's needed.
I'd recommend you read through this post in its entirety first and then go through the process in a single sitting.
Step 1: Purchase your SSL certificate.
We recommend buying your SSL certificate from Namecheap (competitive pricing and 2048 bit security as standard).
The SSL certficate required will depend on whether you have setup your Agency accounts as a root domain (e.g. http://agency.com) or as a subdomain (e.g. http://app.agency.com).
For the former then the cheapest "PositiveSSL" will do the job. If you have a subdomain setup then you'll need the PositiveSSL Wildcard.
Once you've purchased the correct SSL you're ready to proceed to Step 2
Step 2: Generate a CSR for your certificate.
To activate your new SSL, the first thing you'll need to do is generate a CSR (certificate signing request). Don't worry its pretty straightforward.
Go to this webpage to generate your CSR and simply fill out the form.
For the common name: Choose the domain you wish to secure - e.g. yourdomain.com. However if you bought a wildcard SSL then enter *.yourdomain.com.
For the key length: choose 2048.
Once you've fiulled in all the required field, click the button to generate your CSR.
Two text strings will appear below the form generator, a CSR and a Private Key. Please copy both to a safe place as you will need them to complete the process.
Step 3: Submit your SSL CSR to Namecheap.
Go here - https://ap.www.namecheap.com/ProductList/SslCertificates and click to activate your new SSL, it will take you to a form to complete.
Paste the CSR you just generated into the main text field on this page.
Choose the Apache, NGINX... option from the drop down menu and the domain field will autopopulate based on the CSR code.
Step 4: Validate domain ownership so that the CSR can be processed.
Next, you'll need to verify that you own the domain that the SSL will be applied to.
Namecheap provides a few options for this, the most straightforward are Email based validation and DNS validation
Only choose this option if you have email already setup for the domain and you are able to receive email/webmail to one of the default addresses - e.g. firstname.lastname@example.org, email@example.com, etc...
If you're able to access one of these standard emails then this is the easiest route.
If you are not able to access one of these - e.g. you bought the domain specifically for your Wishloop agency and haven't setup email, then the DNS validatioon route is more straightforward.
This method will involve adding an extra A record in Cloudflare to validate ownership.
If you already added your domain to cloudflare to map your agency dashboard to your own domain/subdomain then this part will be relatively familiar. If not, then you should complete that step first.
Simply choose whichever method works best for you and move on to setting up your SSL contact data.
Step 5: Complete your contact details and submit the request.
Before you can submit the SSL activation, you'll need to fill in a final page of details to complete the setup.
Simply fill in the details on this page and you're almost good to go.
Don't forget to put an email you can access in the final field. This is where the SSL proper will be sent to.
Step 6: Complete the SSL Validation.
If you chose email validation at Step 4, then you won't need to do anything here. Simply wait for the email. However if you chose DNS validation then you'll need to add a new record in Cloudflare.
Namecheap will provide the details you need, so simply login to cloudflare, navigate to your domain's DNS and enter a new CNAME record using the details provided, like so:
Step 7: Wait for the SSL to arrive via email.
After a couple of hours you should receive the SSL activate email from COMODO via email. You can check on progress at any time from within the SSL section in your Namecheap account.
Once received, simply forward the entire Zip file to us at firstname.lastname@example.org and also include the Private Key from Step 2.
We'll install the certificate for you on our servers and you'll then be all setup and good to go.
The dashboard, login page and signup page will now be available over https and you can update any live links you have to the login/signup pages to their https:// counterparts.
Final Note: If you're really unsure about any of this then we're here to help.
As long as you are able to purchase the SSL (step 1), then simply send us the following details and we'll be able to get everything setup for you.
- Your Namecheap login details (please make sure 2-step authentication is disabled for your account - we won't be able to login until it is).
- Your cloudflare login details (assuming your agency domain/subdomain is already setup and working)
- The domain/subdomain you want the SSL to be installed on.
- Your business name, full address and postcode, and the email you want to receive the SSL on.
With these details we can complete the setup for you and you'll just need to forward the SSL when you receive it.