This feature is available for all Pro and 2017 plans.
Secure Domains and SSL
Nobody wants to have their info creeped on, especially your customers. Luckily, Secure Socket Layer (SSL) is a security technology that ensures all data passed between the web server and browser remains private and integral (i.e., SSL prevents lurkers from getting all up in your business).
When you upgrade to one of our paid plans, SSL is automatically enabled on your custom domains. You can verify whether your landing page domains are SSL-enabled by heading over to your Domain Settings page and looking for the lock icon on the left. The "http" version of your domain will still be available after SSL has been enabled on your custom domain.
A similar icon appears throughout the app wherever your domain is visible.
SSL and Customer Experience
SSL-secured domains let people viewing a landing page know that they are visiting a domain where the data is coming from a known source. When your visitors see a green padlock and an HTTPS web address in the URL field, it's their visual cue that the landing page has enhanced security.
In short, it lets them know that both product and page can be trusted. Way more appealing to click on!
Without SSL, customers may also see scary mixed content warnings when arriving at your landing page from another SSL protected site. Although non-SSL landing pages are by no means “unsafe”, the automated warning messages that pop up might cause your customers to raise an eyebrow.
What You Can Do With SSL
Embed Third Party eCommerce Tools Directly onto your Unbounce Pages
With SSL, you can embed secure forms directly onto Unbounce pages. This is a great advantage for use cases like ecommerce. Embed an ecommerce form using your favourite ecommerce tool.
Make Your Pages Compatible With Facebook and Linkedin
With SSL in Unbounce, you can present your pages with third party applications such as Facebook and Linkedin Ads with the most efficiency. LinkedIn ads may let your page skip the moderation queue. Woo!
Global Sign (a WebTrust-certified certificate authority and provider of Identity Services) has a specific set of guidelines for securing URLs. In the unlikely case that your URL cannot be secured, you can contact Unbounce Customer Success by submitting a ticket and we'll contact Global Sign on your behalf.
Before You Switch: SSL Checklist
With the release of SSL, Unbounce now serves both “http” and “https” landing pages (unsecured and secured) on all paid account. It’s entirely up to you which version you want to use for your campaign.
http://www.example.com and https://www.example.com will both direct visitors to the same page.
Https: Before You Switch
To display your pages securely at “https”, all that is required is that you change the source URL to “https” from wherever you’re driving traffic (e.g. AdWords, email, or social).
Before you switch, optimize your page for SSL by confirming that your page doesn’t include any unsecured content.
The easiest way to do this is to load up your page with https and then look at the various icons in the address bar.
Examples of unsecured content include:
- Lightboxes that pull content from unsecured sources
- Background images in any custom CSS hosted on http
(i.e.: <link rel="icon" type="image/png" href="http://example.com/myicon.png">)
- CSS tags linking to non secure scripts
(i.e.: <link href="http://example.com/styles.css" rel="stylesheet">)
- iFrames embedded using a custom HTML widget sourcing a non secure URL
(i.e.: <iframe src=”http://example.com/iframe.html”>)
We strongly recommend testing out your page on https before switching. You can do this by replacing http with https in the URL for the page your want to review.
NOTE: If you have unsecured content, your page visitors will get a mixed content warning, not only will your page not work as intended, it may negatively affect conversion rates.
If your page DOES include non-secure content:
Replace all embedded and referenced URLs with https://. This is the best solution if you intend to ALWAYS use the secure version of your landing page in your campaigns. This involves replacing all embedded and referenced URLs with https:// instead of “http://
If (and only if!) your host provides a http and https version of your page, one workaround is to change the path from a non-secure URL to a "protocol-less URL"
http://example.com/asset.ext would become //example.com/asset.ext
You Can Always Go Back
Got a mixed content warning? Don’t panic. Simply return to the source of your traffic (e.g. AdWords, email, or social) and switch your URL back to “http”.
Secure Site Seal
- Visit this link to get the Global Sign HTML code to embed on your page.
- Select your seal format:
- Once you’ve chosen the seal that you want to appear on your page, copy the HTML code provided.
- Head into the Page Builder and drop the HTML widget onto the page.
- Paste the code from Global sign onto your page and then delete the following lines of code:<!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---> and <!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT --->
- Publish the page and you will see the seal!
Things to know:
- The trust seal will only appear if GlobalSign can confirm that your page has an HTTPS web address
- If you do not remove the: <!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---> and <!--- DO NOT EDIT - GlobalSign SSL Site Seal Code - DO NOT EDIT ---> lines of code the HTML box in Unbounce will display an error, though the seal may still appear on your published page.