Skip to main content

A Step-by-Step Guide to Setting Up a Secure Subdomain for E-commerce Websites

Learn how to set up a secure subdomain for e-commerce websites to protect customer data and prevent cyber attacks, focusing on DNS configuration and SSL certificates.

Written by Mayank Baswal

Founder of is-cool-me · DNS & Platform Infrastructure

Mayank Baswal maintains the is-cool-me platform and writes technical guides focused on DNS configuration, subdomain infrastructure, SSL troubleshooting, deployment workflows, and platform reliability.

Reviewed by is-cool-me Technical Review
## Introduction Setting up a secure subdomain for e-commerce websites is a critical step in protecting sensitive customer data and preventing cyber attacks. As a developer on the is-cool-me platform, creating a secure subdomain for your e-commerce website is essential to ensure the integrity of your customers' information. A subdomain is a subset of your main domain, and it can be used to host a specific application or service, such as a payment gateway or a customer portal. In this guide, we will walk you through the process of setting up a secure subdomain for your e-commerce website on the is-cool-me platform. We will cover the prerequisites, step-by-step instructions, configuration options, common pitfalls, and best practices to ensure that your subdomain is secure and functional. The importance of setting up a secure subdomain cannot be overstated. A secure subdomain protects your customers' sensitive information, such as credit card numbers and personal data, from cyber attacks and data breaches. It also helps to build trust with your customers and enhances your website's credibility. Moreover, a secure subdomain is a requirement for many payment gateways and e-commerce platforms, and it is essential for compliance with industry standards such as PCI-DSS. ## Prerequisites Before you start setting up a secure subdomain, you need to have a few things in place. First, you need to have a domain registered on the is-cool-me platform, such as myproject.is-pro.dev. You also need to have a basic understanding of DNS configuration and SSL certificates. Additionally, you need to have access to the is-cool-me dashboard and the ability to create and manage subdomains. If you are new to the is-cool-me platform, you can start by creating a new project and registering a domain. You can then follow the instructions in this guide to set up a secure subdomain. It is also important to note that you need to have a valid SSL certificate for your subdomain. You can obtain an SSL certificate from a trusted certificate authority such as Let's Encrypt or GlobalSign. You can also use the is-cool-me built-in SSL certificate feature to generate a free SSL certificate for your subdomain. ## Step-by-step instructions Here are the step-by-step instructions to set up a secure subdomain on the is-cool-me platform: 1. Log in to the is-cool-me dashboard and navigate to the domains section. 2. Click on the "Create subdomain" button and enter the name of your subdomain, such as "shop.myproject.is-pro.dev". 3. Select the domain that you want to create the subdomain for, such as "myproject.is-pro.dev". 4. Click on the "Create" button to create the subdomain. 5. Navigate to the DNS configuration section and add a new DNS record for your subdomain. 6. Set the record type to "A" and enter the IP address of your server, such as "192.0.2.1". 7. Set the record type to "CNAME" and enter the canonical name of your server, such as "server.myproject.is-pro.dev". 8. Click on the "Save" button to save the DNS record. 9. Navigate to the SSL certificate section and generate a new SSL certificate for your subdomain. 10. Follow the instructions to verify your domain ownership and obtain the SSL certificate. Here is an example of a DNS configuration file for a subdomain: ``` ; DNS configuration file for shop.myproject.is-pro.dev ; ; A record for shop.myproject.is-pro.dev @ IN A 192.0.2.1 ; ; CNAME record for shop.myproject.is-pro.dev @ IN CNAME server.myproject.is-pro.dev ; ; MX record for shop.myproject.is-pro.dev @ IN MX 10 mail.myproject.is-pro.dev ``` You can use the following command to generate a new SSL certificate for your subdomain using Let's Encrypt: ```bash sudo certbot certonly --dns-google --dns-google-credentials ~/.config/gcloud/application_default_credentials.json --dns-google-propagation-seconds 120 --agree-tos --email admin@myproject.is-pro.dev --non-interactive --expand --domain -d shop.myproject.is-pro.dev ``` ## Configuration deep-dive Here is a detailed explanation of the configuration options for a secure subdomain on the is-cool-me platform: | Configuration Option | Description | Example Value | | --- | --- | --- | | Subdomain name | The name of the subdomain | shop.myproject.is-pro.dev | | Domain name | The name of the domain that the subdomain belongs to | myproject.is-pro.dev | | IP address | The IP address of the server that hosts the subdomain | 192.0.2.1 | | Canonical name | The canonical name of the server that hosts the subdomain | server.myproject.is-pro.dev | | SSL certificate | The SSL certificate that is used to secure the subdomain | /etc/letsencrypt/live/shop.myproject.is-pro.dev/fullchain.pem | You can use the following code example to configure the SSL certificate for your subdomain: ```python import ssl # Load the SSL certificate and private key context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) context.load_verify_locations('/etc/letsencrypt/live/shop.myproject.is-pro.dev/fullchain.pem') context.load_cert_chain('/etc/letsencrypt/live/shop.myproject.is-pro.dev/fullchain.pem', '/etc/letsencrypt/live/shop.myproject.is-pro.dev/privkey.pem') # Create a secure socket server_socket = socket.socket(socket.AF_INET) server_socket.bind(('192.0.2.1', 443)) server_socket.listen(5) # Handle incoming connections while True: client_socket, address = server_socket.accept() ssl_socket = context.wrap_socket(client_socket, server_side=True) # Handle the secure connection ``` ## Common pitfalls and solutions Here are some common pitfalls and solutions when setting up a secure subdomain: 1. **Incorrect DNS configuration**: Make sure that the DNS records for your subdomain are correctly configured and propagated. Solution: Use a DNS propagation tool to check the status of your DNS records and ensure that they are correctly configured. 2. **Invalid SSL certificate**: Make sure that the SSL certificate for your subdomain is valid and correctly configured. Solution: Use a tool such as SSL Labs to test the validity of your SSL certificate and ensure that it is correctly configured. 3. **Insecure protocol version**: Make sure that the protocol version used by your subdomain is secure and up-to-date. Solution: Use a tool such as SSL Labs to test the protocol version used by your subdomain and ensure that it is secure and up-to-date. 4. **Weak cipher suite**: Make sure that the cipher suite used by your subdomain is secure and up-to-date. Solution: Use a tool such as SSL Labs to test the cipher suite used by your subdomain and ensure that it is secure and up-to-date. 5. **Missing security headers**: Make sure that the security headers for your subdomain are correctly configured and included in the HTTP response. Solution: Use a tool such as Security Headers to test the security headers used by your subdomain and ensure that they are correctly configured. ## Best practices Here are some best practices to follow when setting up a secure subdomain: 1. **Use a secure protocol version**: Use a secure protocol version such as TLS 1.2 or 1.3 to encrypt the communication between the client and server. 2. **Use a strong cipher suite**: Use a strong cipher suite such as AES-256-GCM to encrypt the communication between the client and server. 3. **Include security headers**: Include security headers such as Content-Security-Policy and Strict-Transport-Security in the HTTP response to enhance the security of your subdomain. 4. **Use a valid SSL certificate**: Use a valid SSL certificate to encrypt the communication between the client and server and to establish trust with your customers. 5. **Monitor and maintain your subdomain**: Monitor and maintain your subdomain regularly to ensure that it is secure and functional. ## Troubleshooting section Here are some diagnostic steps and troubleshooting tips to help you resolve common issues with your secure subdomain: 1. **Check the DNS configuration**: Check the DNS configuration for your subdomain to ensure that it is correctly configured and propagated. 2. **Check the SSL certificate**: Check the SSL certificate for your subdomain to ensure that it is valid and correctly configured. 3. **Check the protocol version**: Check the protocol version used by your subdomain to ensure that it is secure and up-to-date. 4. **Check the cipher suite**: Check the cipher suite used by your subdomain to ensure that it is secure and up-to-date. 5. **Check the security headers**: Check the security headers used by your subdomain to ensure that they are correctly configured and included in the HTTP response. You can use the following command to test the SSL certificate for your subdomain: ```bash sudo openssl s_client -connect shop.myproject.is-pro.dev:443 -servername shop.myproject.is-pro.dev ``` ## Deployment scenario from operations Here is a complete real-world example of deploying a secure subdomain on the is-cool-me platform: Let's say that you want to deploy a secure subdomain for your e-commerce website on the is-cool-me platform. You can follow these steps: 1. Create a new project on the is-cool-me platform and register a domain, such as myproject.is-pro.dev. 2. Create a new subdomain for your project, such as shop.myproject.is-pro.dev. 3. Configure the DNS records for your subdomain, including the A record and CNAME record. 4. Obtain a valid SSL certificate for your subdomain, such as from Let's Encrypt. 5. Configure the SSL certificate for your subdomain, including the certificate chain and private key. 6. Deploy your e-commerce website to the subdomain, including the payment gateway and customer portal. 7. Test the security of your subdomain, including the SSL certificate, protocol version, and cipher suite. Here is an example of a deployment script for a secure subdomain: ```bash #!/bin/bash # Create a new project on the is-cool-me platform is-cool-me projects create myproject # Register a domain for the project is-cool-me domains register myproject.is-pro.dev # Create a new subdomain for the project is-cool-me subdomains create shop.myproject.is-pro.dev # Configure the DNS records for the subdomain is-cool-me dns records create shop.myproject.is-pro.dev A 192.0.2.1 is-cool-me dns records create shop.myproject.is-pro.dev CNAME server.myproject.is-pro.dev # Obtain a valid SSL certificate for the subdomain sudo certbot certonly --dns-google --dns-google-credentials ~/.config/gcloud/application_default_credentials.json --dns-google-propagation-seconds 120 --agree-tos --email admin@myproject.is-pro.dev --non-interactive --expand --domain -d shop.myproject.is-pro.dev # Configure the SSL certificate for the subdomain sudo openssl x509 -in /etc/letsencrypt/live/shop.myproject.is-pro.dev/fullchain.pem -out /etc/ssl/certs/shop.myproject.is-pro.dev.crt sudo openssl rsa -in /etc/letsencrypt/live/shop.myproject.is-pro.dev/privkey.pem -out /etc/ssl/private/shop.myproject.is-pro.dev.key # Deploy the e-commerce website to the subdomain sudo git clone https://github.com/myproject/ecommerce-website.git /var/www/shop.myproject.is-pro.dev sudo chown -R www-data:www-data /var/www/shop.myproject.is-pro.dev sudo chmod -R 755 /var/www/shop.myproject.is-pro.dev ``` ## Common mistakes Here are some common mistakes to avoid when setting up a secure subdomain: * Using an invalid or expired SSL certificate * Configuring the DNS records incorrectly * Using a weak cipher suite or protocol version * Failing to include security headers in the HTTP response * Not monitoring and maintaining the subdomain regularly * Using a self-signed SSL certificate instead of a valid one * Not configuring the SSL certificate chain correctly * Not testing the security of the subdomain thoroughly ## How to verify it works Here are the steps to verify that your secure subdomain is working correctly: 1. **Test the SSL certificate**: Use a tool such as SSL Labs to test the validity of your SSL certificate and ensure that it is correctly configured. 2. **Test the protocol version**: Use a tool such as SSL Labs to test the protocol version used by your subdomain and ensure that it is secure and up-to-date. 3. **Test the cipher suite**: Use a tool such as SSL Labs to test the cipher suite used by your subdomain and ensure that it is secure and up-to-date. 4. **Test the security headers**: Use a tool such as Security Headers to test the security headers used by your subdomain and ensure that they are correctly configured and included in the HTTP response. 5. **Test the website functionality**: Test the functionality of your website, including the payment gateway and customer portal, to ensure that it is working correctly and securely. You can use the following command to test the SSL certificate for your subdomain: ```bash sudo openssl s_client -connect shop.myproject.is-pro.dev:443 -servername shop.myproject.is-pro.dev ``` ## Conclusion with next steps In conclusion, setting up a secure subdomain for your e-commerce website on the is-cool-me platform requires careful planning and configuration. By following the steps outlined in this guide, you can ensure that your subdomain is secure and functional. Next steps include monitoring and maintaining your subdomain regularly, testing the security of your subdomain, and ensuring that your website is compliant with industry standards such as PCI-DSS. ## FAQ Here are some frequently asked questions about setting up a secure subdomain on the is-cool-me platform: Q: What is the difference between a subdomain and a domain? A: A subdomain is a subset of a domain, and it can be used to host a specific application or service. For example, shop.myproject.is-pro.dev is a subdomain of myproject.is-pro.dev. Q: How do I obtain a valid SSL certificate for my subdomain? A: You can obtain a valid SSL certificate for your subdomain from a trusted certificate authority such as Let's Encrypt or GlobalSign. You can also use the is-cool-me built-in SSL certificate feature to generate a free SSL certificate for your subdomain. Q: What is the purpose of security headers in the HTTP response? A: Security headers in the HTTP response help to enhance the security of your subdomain by specifying the security policies that the browser should follow. For example, the Content-Security-Policy header specifies the sources of content that the browser should allow. Q: How do I test the security of my subdomain? A: You can test the security of your subdomain using tools such as SSL Labs and Security Headers. These tools can help you identify vulnerabilities and weaknesses in your subdomain's security configuration. Q: What is the difference between a self-signed SSL certificate and a valid SSL certificate? A: A self-signed SSL certificate is a certificate that is generated by the server itself, and it is not trusted by default by most browsers. A valid SSL certificate, on the other hand, is a certificate that is issued by a trusted certificate authority and is trusted by default by most browsers. It is recommended to use a valid SSL certificate for your subdomain instead of a self-signed one.
Share this article Share on X Share on LinkedIn
Previous Deploying a Static Website to Free Hosting with a Custom Subdomain: A Beginner's Guide Next Deploying a Static Website to Free Hosting with a Custom Subdomain: A Tutorial