What is secure storefront?

Secure storefront loads all pages securely via HTTPS, rather than insecure HTTP.

Does that mean my store wasn’t secure before?

No. Your store checkout pages where customers enter their personal information have always been secure. The secure storefront feature simply allows the rest of your store pages--home, sections, items, etc.--to load securely as well.

Why should I secure my storefront?

Secure pages load more quickly, have higher search ranking, and won’t show warning messages in Chrome.

When should I secure my storefront?

We recommend you do so as soon as possible.

How do I get started?

Just visit your Store Manager and click Security Manager, located in the Site Settings section. We've also got step-by-step setup instructions on this Help Page.

I secured my store, but my pages are still loading via HTTP. What went wrong?

Nothing, in all likelihood. If you just activated the secure storefront feature, don’t panic: it takes a couple of minutes for the changes to be reflected online. If you turned on the feature more than 10 minutes ago, please clear your browser cache and cookies before trying again. And if you’re still having trouble, contact support for further assistance.

What happens if I change my DNS settings?

Your SSL certificate will be valid for your root domain (e.g. widgetdesigns.com) and your www subdomain (e.g. www.widgetdesigns.com). As such, if you change the A and CNAME records for your root domain and your www subdomain, the certificate cannot be issued and cannot be renewed. The A and CNAME records for your root domain and your www subdomain must be kept at their default settings if you wish to use the certificate on the Turbify platform.

What about content that I serve from my Web Hosting files area?

Your normal Web Hosting content is not secure at this time. We recommend that you upload any files used by your store to your Store Files area, and reference them via relative file path. Learn more about Store Files.

I’m not a web developer; is this something I can do for myself?

If you built your store by yourself using our Store Editor and the templates we provided, securing your store is a simple process that we walk you through, step by step.

About the only manual change you may need to make is to store file URLs hard-coded to the HTTP address. We recommend changing these URLs to use the file’s relative path. Learn how to find a file’s relative path.

What if I hired a developer to build my store for me?

While we encourage you to start securing your site now, you should reach out to your developer if you have any issues.

Who can I contact if I need help securing my storefront?

These trusted Yahoo Merchant Solutions Developer Network members have expressed an interest in helping merchants like you secure their storefronts:

• Sequoia Digital Marketing
• Your Store Wizards
• YTimes
• Ventura Web Design
• Nakamoa
• Colorado Web Solutions
• True Light Designs
• Fast Pivot
• Choose Your Company

Can I enable SSL for the hosting files on my Merchant Solutions plan?

Visitors to your store will not be able to load your hosting files securely from the site subdomain (site.widgetdesigns.com). Merchant Solutions domains do not appear in the insecure domains list in the Web Hosting version of Security Manager.

Important note for merchants utilizing Google Search Console: Updating your pages to HTTPS may create errors in Google Search Console. Google Search Console may be expecting HTTP pages and it will see a 301 redirect to HTTPS. This may cause alert warnings. If you are seeing errors such as these, you should update your Google Search Console settings to HTTPS. It's possible that this may require creating a new property and deleting the current one. We recommend checking Google Search Console Help for more information.

See Also:

• Secure your storefront
• Locating insecure elements on your site pages
• How do I upload a file using Store Files?
• Where can I find the relative file path and secure URL for a file I've uploaded?