Documentation You are here: start » v » 0.7.0 » custom_domain


This shows you the differences between two versions of the page.

Link to this comparison view

v:0.7.0:custom_domain [2017/04/26 07:02] (current)
Line 1: Line 1:
 +====== Sugar, Spice, and Custom Subdomains ======
 +===== What the Custom Subdomain Option Is =====
 +First off, <wrap tip>the custom subdomain option is entirely optional</​wrap>​. Your store will be perfectly functional without it, but read on to understand what it is and when it might make sense for you.
 +By default, your store'​s FoxyCart functionality lives at ''​'',​ where ''​example''​ is the subdomain you've chosen in your store'​s settings. While this works well for many users, some merchants would prefer not to have the ''​''​ in the address bar during the checkout experience. We understand this desire, and have created the ability for you to map your own subdomain to the FoxyCart servers so you can have a fully branded checkout experience. So, instead of ''​'',​ your checkout could live at ''​'',​ ''​'',​ ''​'',​ or etc. (again, where ''​''​ is your own domain).
 +There are a few reasons to take this approach:
 +  * A custom subdomain presents the customer with the most seamless checkout flow available. While it does not provide any [[.:​templates|template customization]] functionality not otherwise available, it does remove the last trace of the FoxyCart name from your store'​s checkout flow.
 +  * A custom subdomain will have a SSL certificate with your store'​s information. While very few customers will actually examine this, for those that do it's a nice touch.
 +  * Custom subdomains allow for additional SSL options. ([[#​ssl_options|See below]] for details.)
 +  * A custom subdomain can work around 3rd party cookie restrictions,​ which may make analytics or affiliate tracking much easier to accomplish.
 +You can [[http://​​custom-subdomain-order-form.html|order your custom subdomain SSL certificate here]].
 +===== SSL Options =====
 +==== Standard SSL Certificates ====
 +This is the standard option, and is quite easy to get set up. The validation of the certificate only requires that you select one of the acceptable validation email addresses, which (at the time of this writing) are limited to:
 +  * admin@ (yourdomain.tld)
 +  * administrator@
 +  * hostmaster@
 +  * root@
 +  * webmaster@
 +  * postmaster@
 +Because these certificates are validated //​entirely//​ via email (as opposed to faxing back and forth copies of business formation papers, licenses, utility bills, etc.), //only// the email addresses above ''​@yourdomain.tld''​ can be used to validate the certificate order. This is to ensure that only the proper domain administrator can order a certificate for the domain. Please ensure that the email address you select is actually active and can receive mail before ordering.
 +==== Customer Provided SSL Certificates ====
 +The standard SSL certificates are quick and easy, but are not EV SSL Certificates (that turn the address bar green in your browser), so if you'd like an EV SSL Certificate,​ or you'd like to provide your own certificate for any reason, you can. The important thing to understand, however, is that you cannot reuse a certificate across servers, as the servers would then need to share a private key. The private key should remain truly private in order to prevent certain types of attacks, so if you want to use your own certificate you will need to get the CSR from FoxyCart after you place your order.
 +Also important to note is that this method does cost more than the standard certificate,​ //and// you have to purchase your own cert. We charge more for this option because there is often considerable time spent in getting things set up, the process isn't automated like our standard SSL ordering and provisioning process, and we may need to take additional steps like adding root certs to our application servers.
 +==== Wildcard SSL Certificates ====
 +If you need multiple stores at the same domain, such as ''​'',​ ''​'',​ and ''​'',​ you can order a wildcard SSL certificate. This is a less common option, so contact us if you anticipate needing this for your stores.
 +===== DNS Setup =====
 +In order to use your custom subdomain you'll need to do a quick addition to your domain'​s DNS. This generally will only take a minute if you're comfortable with DNS. If you're not comfortable with your domain'​s DNS, or if you don't even know what DNS //is//, your hosting provider or domain registrar can likely handle this for you.
 +  - First, figure out what your desired domain is, like ''​''​.
 +  - Next add a CNAME record for that subdomain (''​secure''​),​ pointing to...
 +  - ''​'',​ replacing the ''​secure-example-com''​ with your domain, where the periods have been replaced with dashes. For example, if your domain is ''​secure.mystore.tld'',​ your CNAME record for ''​secure.mystore.tld''​ should be ''​''​ (<wrap tip>note the trailing dot!</​wrap>​).
 +  -* **For example:** If your domain is ''​'',​ then you must redirect to ''​''​. To check this, use your Terminal (Mac or Linux users), or use [[http://​​services/​dig.php|]]. Enter your domain (''​''​) and you should see ''​''​ (again, note the trailing period) in the ''​ANSWER SECTION''​.
 +  - Keep in mind that you may have to contact your host directly to set up a CNAME. (Again, this is //not// a "​redirect"​).
 +Also important to note is that <wrap important>​you //will// get a certificate warning</​wrap>​ if you do this before you have received confirmation //from FoxyCart// that your SSL certificate has been fully configured and provisioned. You are encouraged to set up your CNAME when you place your SSL order, but it will not work until it's been validated by you and installed on our systems.
 +===== Common Questions =====
 +==== I can get a SSL Certificate for way cheaper. What gives? ====
 +Yes, you can, but SSL Certificates require the overhead of setup, renewals, as well as dedicated IPs. Further pieces that are hard costs for us (in addition to the cert itself and the dedicated IP address) are additional firewall configuration;​ web application firewall configuration and setup with the SSL certificate (so the WAF can decrypt the traffic); DNS queries; load balancing; DNS failover; monitoring; and security scans.

Site Tools