SSL Certificate FAQs
This Comodo SSL Certificate FAQs section provides answers to questions such as How to choose, order, install, and manage SSL certificates., If you are new and unfamiliar with SSL security, then these FAQs will give you guidance.
SSL FAQ Categories
Basic SSL Knowledge
What is SSL?
SSL (Secure socket layer) is a standard security technology that provides secure communications between a web server and a browser. SSL uses a combination of public key and private key encryption to protect sensitive information like credit card numbers, login credentials, email addresses, etc. Furthermore, HTTPS, padlock and green address bar ensure users for a safe website browsing and online transactions.
What is a Domain Validated (DV) SSL Certificate?
Domain Validated (DV) SSL Certificates deliver the easiest & quickest solution to secure a domain since only the domain name is verified during the validation process. Anyone who can demonstrate control of a registered domain can get this SSL security within minutes of ordering. DV certificates are suitable for small or start-up businesses.
What is an Organization Validated (OV) SSL Certificate?
To receive an Organization Validated (OV) SSL certificate the customer must demonstrate control of a registered domain and provide certain pieces of company information that Comodo can verify using third-party sources. The OV certificate is a good solution for business sites to increase user trust as the certificate certifies and displays company information to prove ownership of the website.
What is an Extended Validation (EV) SSL Certificate?
An Extended Validation (EV) certificate is the premium SSL certificate. It provides great assurance to customers by displaying your organization's verified details in all major browsers. In browsers like Microsoft Internet Explorer, EV SSL displays your organization's name and/or domain name in green on the address bar, formerly known as 'green address bar'. Extended Validation (EV) SSL certificates provide a secure connection and provide visible proof to establish business identity validation.
How can I get the Green Bar for my website?
An Extended Validation (EV) SSL Certificate is the only certificate that displays your verified company name in all major web browsers. Now-a-days different browsers have different policies for displaying EV SSL.
- Internet Explorer shows entire address bar in green background color along with displaying the organization's legal operating name on the address bar.
- In browsers such as Microsoft Internet Explorer, EV SSL displays your organization's name and/or domain name and padlock symbol in green on the address bar.
- Google Chrome and Firefox shows organization's verified name and details after clicking on the padlock sign.
Can I qualify for an EV certificate?
To have an EV SSL Certificate you must demonstrate that your business is an official company registered with a government authority. You cannot qualify for any EV SSL Certificate if you are a Sole Proprietor or a Partnership registered in the U.K.
What certificates offer www and non-www coverage?
All Comodo SSL Certificates offer www and non-www coverage automatically, except for specialty certificates such as multi-domain (SAN) certificates.
What is a Wildcard SSL certificate?
A Wildcard SSL Certificate secures a single main domain (domain.com) and an unlimited number of subdomains (mail.domain.com, blog.domain.com, login.domain.com etc.) A wildcard SSL certificate is annotated with an asterisk, as in *.domain.com.
What is a Multi-domain or SAN certificate?
Multi Domain or SAN (Subject Alternative Names) certificates protects multiple domain names with a single certificate (domain.com, example.net, website.org etc). The Comodo multi-domain certificates can cover up to 250 domains with just one certificate.
What is the difference between Wildcard and SAN/Multi-Domain functionality?
A wildcard SSL certificate secures a single domain (domain.com) and an unlimited number of sub-domains at a specific level. A multi-domain (SAN) certificate protects multiple domain names (domain.com, newdomain.org, otherdomain.com) under one certificate. You can add/edit/ or delete SANs throughout the life cycle of your multi-domain certificate.
What is a Multi-Domain Wildcard SSL Certificate?
A multi-domain wildcard SSL certificate combines the features of a wildcard SSL certificate and a multi-domain certificate into one. It is designed to secure unlimited subdomains under multiple domains. During generation, the Common Name has to be a regular domain (www.domain.com) and the SAN fields can be your wildcard entries.
How can I use 256-bit encryption?
256-bit encryption (SHA-2) is available for all Comodo SSL certificates.
What is the difference between 1024- and 2048-bit key lengths?
1024 and 2048 bit key size or key length refers to the strength of the private key used in a cryptographic algorithm. 2048-bit keys are more secure than 1024-bit key size. 2048 keys are based on new latest industry standard.
What is the difference between SHA-1 and SHA-2?
SHA stands for Signature Hashing Algorithm which is used by the Certificate Authority to sign a certificate. SHA-1 is an older version of the algorithm and produce a 160-bit (20-byte) hash value. SHA-2 is the current hashing algorithm standard.
I'm a Sole Proprietor, can I still qualify for an OV/EV certificate?
Any sole proprietor outside of the UK can qualify for both OV and EV Certificates. However, a sole proprietor or partner from the UK can only get an OV SSL with additional documentations.
What is a Certificate Authority and what is your relationship to them?
Certificate Authority (CA) is an entity that is authorized to issue and manage digital certificates. Comodo is one of the most popular and leading CAs. We are resellers of Comodo digital certificates. We buy SSL Certificates in bulk from Comodo and pass along the savings to you. We also provide industry leading technical support 24/7.
Which SSL brands are most trusted & secure?
Recently, Comodo positioned itself as the leading SSL Certificate with a 33.6% market share & 6.6% usage. Additionally, all certificates from Comodo are available at affordable price with guaranteed high security.
Can I see which Certification Authorities have their own Trusted CA root present in browsers?
Of course, yes, Comodo has its roots included in modern devices and browsers. They come with 99% browser compatibility and browser ubiquity.
What is the SSL certificate warranty?
SSL Certificate Warranty provides protection if your SSL is misused, hacked or met to a data breach due to flaws in the certificate. Comodo offers different types of SSL with different warranty like $10,000, $25,000, $100,000, $1,750,000 etc.
What is browser ubiquity or browser recognition?
Browser recognition or browser ubiquity refers how many web browsers recognize an SSL Certificate and display SSL or trust indications properly. Higher browser ubiquity means higher browser recognition.
How long are your SSL certificates valid for?
Comodo SSL Certificates are offered from 1-2 years, depending on which certificate is ordered. Comodo's EV certificate can be issued for a maximum 2 years and DV & OV Certificate can be obtained for up to 2 years.
What is an Intermediate certificate?
An Intermediate Certificate is a CA Certificate that completes the chain between an SSL certificate and the trusted root in the web browser.
Where do I get my Intermediate certificate?
Can I use SSL to cover an internal domain?
Internal domains can be secured through SSL but it must be an official registered domain (a publicly available FQDN). SSL certificates will not be issued for internal domains if it is not a registered or delegated domain.
What is the difference between 128- and 256-bit security?
The main difference is the key length after establishing an SSL connection in the browser. But practical purpose, 128 bit security is enough to ensure security. The only reason 256-bit security is needed is if it's specifically required by your industry or company policy.
How many domains can I secure with a Multi-Domain SSL Certificate?
It depends on the certificate you buy, but Comodo Multi-domain Certificate can secure up to 250 domains.
What is a UC Certificate (UCC)?
A Unified Communications Certificate (UCC) is exclusively developed to protect MS Exchange Server 2007, Office Communications Server 2007, and Live Communications Server 2005. A single UCC SSL enables you to secure communication for multiple domains and host names on a single IP address. The certificate is best suitable to protect both internal network names as well as external domain names.
What should I do with my private key?
A private key is essential for your SSL certificate to work and it must remain private to avoid any man-in-the-middle-attacks. Only your hosting company can see the private key to install SSL on the server.
What should I do to expedite the validation of my order?
If you are looking to obtain your SSL certificate quickly; you can do it by contacting to your SSL certificate provider. Only the SSL provider can help you to make your order as top priority by using their close & direct connections with the CA.
How do I know what my Control Panel/Server OS is?
To know about your control panel or server OS, just contact to your web hosting provider or your IT support department.
Can I switch my method of Domain Control validation from Email to File, or vice versa?
Yes, you can switch your domain control validation method from file-based to email based or email-based to file-based for any SSL Certificate from Comodo.
If I buy a Domain Validated (DV) SSL Certificate, which document(s) do I need to provide?
Domain Validated (DV) SSL Certificate does not require any documents; you can have this certificate by simply proving your ownership of the domain.
If I buy an Organization Validated (OV) SSL Certificate, which document(s) do I need to provide?
The Organization validation SSL Certificate requires true identity of the business. So, you need to provide all accurate documents related to your company. Before asking any documents from you, Certificate Authority (CA) verify the organization through online government database. In case of inaccurate, incomplete, out of date business information, CA may request additional official government registration documents, which vary on a case-by-case basis.
If I buy an Extended Validation (EV) SSL Certificate, which document(s) do I need to provide?
Extended Validation (EV) SSL Certificate require strict verification. This certificate requires additional steps to have this certificate; you have to provide true organization verification, domain authentication, operational as well as the physical presence of the website owner for a simple telephone call by the Certificate Authority to complete the process.
If I buy a Code Signing Certificate, which document(s) do I need to provide?
There are two different types of Code signing available, code signing for individual or for an organization. You can have a code signing certificate by fulfilling all requirements of OV certificate. But, if you want to get a code signing for an individual, you need to complete a simple form to verify your identity. This form has to be notarized by a lawyer, CPA, or public notary, a scan of a government issued ID and you may also ask to provide additional documents by the Certificate Authority as need.
I haven't received my Domain Control Validation email (DCV) yet. What should I do?
There may be few reasons behind not receiving the Domain Control Validation (DCV). Check your order to make sure you entered the correct email address, without any typos. Also, check your spam or junk mail folders for the DCV email. You can request a change to your DCV email address; you can choose the registrant email address contained in the domain's who.is registration or one of the following file authorized alias email addresses at your domain:
[email protected], [email protected], [email protected], [email protected], [email protected]
My File Authentication file has been uploaded to the wrong directory. What should I do?
Upload the authentication file to the correct directory. If file is viewable for both yourdomain.com/file and subdomain.yourdomain.com/file, it means you have successfully uploaded your file to the appropriate directory.
How can I reschedule the phone verification call?
In case you missed the phone verification call and want to reschedule, just contact your SSL provider and tell them your availability. Make sure that the phone number you have provided is verified by the Certificate Authority.
My verified phone number is outdated, what should I do?
Please contact to your SSL provider to get appropriate advice to verify your outdated phone number. The SSL provider will tell you the right method of updating phone number or creating a new listing.
How long will validation take?
It depends on the type of certificate and the validation process of the Certificate Authority. Domain Validated (DV) Certificate can take a few minutes to a business day, Organization Validated (OV) Certificate can be issued within 2-3 days to be issued and Extended Validation (EV) Certificate usually take around 3-5 business days to be issued.
Who do I send a validation document to?
We highly recommend to send a validation document to your SSL provider because they have a list of email address or contact information for the Certificate Authority. They will submit your documents as per your region and type of SSL certificate you purchased.
Why is my order showing Failed Security Review? What does that mean?
This doesn't necessarily mean that your SSL is invalid or erroneous. If you see a "Failed Security Review" message, just contact us and we'll work directly with Comodo CA to identify and resolve the issue for you.
I completed validation, but never received the certificate. What should I do?
Once you complete validation, certificate authority will send the certificate to the technical contact email address that you provided in your order. In case you didn't receive it, check your spam or junk folder of the email folder. You can also download your issued certificate in your storefront account.
Can I use the email address listed in the WHO.IS record to complete Domain Control Verification (DCV)?
Yes, you can use the registrant email address listed in the WHO.IS record for DV, OV and EV certificates.
I cannot remember or have lost my login details.
Just send a note from your administrative email address to [email protected] and include your registered domain name and/or order number.
I have accidentally deleted my "private key" what can I do now?
You can re-install your 'Private Key' using your backup with the help of your system administrator. In case you don't have a backup, contact your web server software vendor for technical support. The last alternative is re-issuance of the certificate following the re-submitting of a replacement CSR.
I have changed my server, or moved to a different provider; how do I move the certificate?
It's easy, just create a new CSR on the new machine and have the certificate re-issued.
What is a CSR?
A Certificate Signing Request (CSR) is an encoded file that is generated on the server for all SSL Certificates. The CSR file includes information that identifies your organization and domain name.
How do I generate a CSR?
You can generate a CSR through your web server software; but before generate a CSR consult your official documentations for server, control panel and operating system which you can get through Google search.
I have noticed something incorrect in my CSR. What should I do?
You can't modify CSR once it's created. If you found anything incorrect information in your CSR than you have only one option that is to generate a new CSR with the correct details.
The CSR cannot be decoded. What does that mean and what should I do?
Confirm that you have copied the correct file along with the complete header and footer lines to include all the hyphens, and be sure it is not your previous SSL or self-signed certificate or if it is bundled as a PKCS7 or PKCS12. Or, you could have a password that does not have alphanumeric characters or disallowed characters. If this is the case, you will require to generate a new CSR without the disallowed characters in the password. Keep in mind to use the English alphabet and numbers 0-9 but no special characters.
What should I do if I receive a 'CSR invalid' error during the certificate activation process?
You may see a CSR invalid error during the certificate activation process due to incorrect format for your certificate and also may be using disallowed characters in the other filed. In this case, you need to generate a new CSR using only the English alphabet and numbers 0-9 and do not use any special characters.
What is a private key used for?
A private key is important for SSL installation and it should be kept privately on your server. You should not expose it to your SSL provider or other users. Sometimes your web hosting company may ask for your private key to create an SSL secure connection, then you may share it with the only web host. In case, if you lost or deleted your Private Key, then you must generate a new CSR on your server because any Certificate Authority or SSL Provider doesn't provide private key.
How do I add additional domains to a multi-domain/SAN certificate?
It's easy, Just reissue the certificate to add additional domains to a multi-domain or SAN certificate.
I entered in the wrong common name, how do I change it?
In case you entered the wrong common name, you can't change it. You have to cancel and reissue your certificate and generate a new CSR with the correct common name.
I have accidentally deleted my "private key," what can I do now?
Reissue the certificate with a new CSR that was generated on your server.
I have changed my server, or moved to a different provider; how do I move my SSL certificate?
You can move your SSL certificate to a different server, you need your private key on the active certificate. But, if you don't have your private key then you will have to reissue the certificate with new CSR.
Is technical support available from the CA? Should I need it?
Certificate Authority (CA) does not provide direct technical support, you have to contact to your SSL provider. Your SSL provider is able to provide support for any technical issue that you are facing. However, you can contact the CA directly for questions and support related to the actual validation process of the SSL certificate.
How do I download my certificate files?
As you complete your order, the CA will send the certificate to the technical contact email that you listed on the order.
How can I install my SSL certificate on more than one server?
There are two ways to install SSL certificate on more than one server. First, import the certificate, private key and intermediate files on server #2, #3 etc. Another way is to generate a new CSR and private key on server #2, #03 etc and reissue the active certificate.
My certificate works in my browser, but my visitors get a Security Alert that says 'The security certificate was issued by a company you have not chosen to trust...' What is the problem?
If visitor's browser unable to identify the certificate or the certificate is outdated or incorrect, then your visitors may face this error message. To solve the issue, first make your visitors are seeing the correct certificate. In case, your visitors seeing the correct certificate, then you can solve this issue by installing the intermediate certificates.
You can download Comodo intermediate certificate from following link- https://support.comodo.com/index.php?/comodo/Knowledgebase/List/Index/108/sha-2
Do I need a dedicated/static IP address to use an SSL certificate?
It depends on your web server configuration and/or web host policies. A dedicated IP address is not required if server name identification (SNI) is enabled on your web server.
My browser is not showing the green padlock/green bar, why?
There may be several reasons behind not showing the green bar or green padlock, check out the most common reason below -
- Now-a-days all the browsers have different policies for displaying EV SSL. Not all browsers will show a green bar or green padlock on HTTPS urls.
- If your HTML elements of the site are linked with http then it may be seen as insecure content and need to update via your system administrator.
- Your certificate is issued from an intermediate file and if missing or invalid is, then the padlock may not show. Make sure that you have installed this alongside your certificate on your server. Your SSL provider can provide this file if you don't have.
- In case of incorrect certificate. If you installed an old expired certificate or a certificate provided by your hosting company or a self-signed certificate on the site. You will need to identify the source of the incorrect certificate and contact that party to resolve the issue.
When trying to go to the site over https, it displays the message 'The page cannot be displayed.' Why is that?
In reality, there may be several reasons behind this sort of error message, some may be related to the certificate or some may be not. So, it will be better to get solution of the error message; just click on detail to get more specific information about the message. Then, tell us; we'll help you to remove this error message.
Why does the website say the name on the security certificate does not match the name of the site?
There may be some specific reasons, when your the common name in the certificate and URL in the browser are not EXACT match, when www. is missing in the browser or domain in the certificate, if the web host's certificate is incorrectly assigned to your domain name and sometimes it also happens if you purchased a certificate which not cover the specific subdomain that you are looking at.
Why does the website say the SSL certificate is 'Untrusted'?
How can I check to see that my SSL certificate works properly and has been installed correctly?
How can I renew my SSL certificate?
A renewal is similar to purchase a new SSL Certificate. In the industry, 'Renewal' is used as a term by all SSL providers. Further, if you go for "renewal" the remaining time on your existing certificate will be rolled over to your new renewal certificate.
Do I need to create a new CSR to renew my certificate?
When you renew a certificate, you can use original CSR but this CSR uses the same exact private key which may be a drawback of security. So, we highly recommend to generate a new CSR to renew a certificate.
Do I need to provide my business verification document again for renewing my OV/EV SSL certificate?
It depends of the type of certificate. Usually, Certificate Authority may use your previous documents to renew process for some certificate, but in case if any information of the organization has changed then you need to submit your new documents again. In case of an EV SSL order, you are required to complete full business validation again if the certificate validated more than 13 months. For OV SSL, you can reuse the previous information up to 27 months from the original order.
I paid for my renewal, (where is my certificate/why is my site not secure)?
When you paid for your renewal and completed all process of the order, then look at your account or email address to generate or apply for your new order. Once you have generated a certificate, make sure that your new certificate was issued and then installed in place of the old expiring certificate.
I purchased a renewal certificate, but my website still displays the old certificate. What should I do?
If you have completed a renewal process and installed, but sill displaying the old certificate, then the issue may be with the configuration. To resolve this issue, just restart your webserver (http server) also to uninstall/delete the incorrect/old certificate(s).
What is a Code Signing Certificate?
Code signing certificate is a digitally signed certificate that used to prove that the code has not been altered or corrupted since it was signed by the author. You can sign many different types of codes including .exe, .cab, .dll, .ocx, and .xpi files.
How do I generate a Code Signing certificate? Do I need a CSR?
If you want to use in-browser control provided by the Certificate Authority, you must use Firefox as the default browser in order to generate a code signing certificate. The browser is essential because if the browser is not used properly, then you may receive an error message. If you use Firefox as default browser than you will be able to automatically generate the CSR and store the private key within Firefox's file system and this will be due to in-browser controls. This unique private key will automatically be pulled by the corresponding certificate during the installation/download process.
How do I download my code signing certificate?
As you finish the validation process, the CA will send a 'collection' or 'pick-up' link to the verified email address. Follow the link and download the certificate using the same computer and the same Firefox browser which generated the order. Firefox will pull the previous stored private key automatically and install the code signing certificate. Export the code signing certificate and private key from the browser into a PFX (.p12) file when the downloading has finished.
Why can't I download my code signing certificate?
You may face trouble to download the code signing certificate and this may happen due to several different reasons. First, if Firefox is not default browser or if you are not using browser properly, then you will receive an error message. Second, if you are not using the same PC which generated the order, in this case if you use a different PC than the corresponding private key will be missed and you will not able to download code signing certificate.
How do I export my certificate from my browser?
Export your code signing certificate by following simple steps given below, but keep in the mind that the certificate can be generated and export from Firefox browser -
- Click the "Open" menu.
- Go to 'Options'
- Click on "Advanced" or "Encryption"
- Select "View Certificates" under the certificate tab
- Under Your Certificates, click your certificate name
- Once highlighted, select "back up all" and enter in your passphrase
How do I use my platform's signing tool?
The most common platforms are Microsoft, JAVA, Adobe, etc… The platform is used by developers to sign their applications using specific tools. Each platform is different, so please reference official instructions for your particular platform.
What platforms can I sign for?
You can use following platforms to sign -
- Windows 8
- Any Microsoft format (32 and 64 bit), EXE, OCX, MSI, CAB, DLL, and kernel software
- Adobe AIR applications
- JAVA applets
- Mozilla Object files
- MS Office Macro or VBA (Visual Basic for Applications) files
- Apple Mac software for MacOS 9 and OSX
- Microsoft Silverlight applications or XAF files
How reliable is CodeGuard?
CodeGuard's systems perform at 99.9% levels, which means that roughly 1 out of 1,000 websites encounters an issue on a daily basis. Hosting providers perform maintenance on servers, customers change FTP login credentials, and IP whitelisting settings for database connections can change, based upon hosting provider server admin activity. These are common behaviors and not cause for concern, as CodeGuard determines the root cause for the lack of connectivity, and emails the customer so they can remediate.
How secure is CodeGuard?
CodeGuard relies upon industry best practices to protect customers' data. All backups and passwords are encrypted, secure connections (SFTP/SSH/SSL) are utilized if possible, and annual vulnerability testing is conducted by an independent agency. To-date, there has not been a data breach or successful hack or attack upon CodeGuard.
How long has CodeGuard been around?
CodeGuard was started in 2010, inspired by problems faced by small business owners. Technology angel investors and venture capitalists funded CodeGuard in the early stages and the company is now profitably growing – so there is no need to worry about your backups going anywhere!
Where are the backups stored?
Backups are stored on Amazon Web Services Simple Storage System, known as S3. S3 boasts object durability levels of 99.999999999%, achieved by storing redundant copies of data across multiple geographies and facilities. S3 is not the cheapest alternative for data storage, but it is one of the most reliable.
Are the backups encrypted?
Our data stored on Amazon Web Services (AWS) is stored utilizing Server Side Encryption (SSE). AWS handles key management and key protection for us, with one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256).
How are passwords stored?
Two different types of passwords are stored on the system – customer account passwords to log in to CodeGuard, and passwords for customer server credentials (FTP/SFTP, MySQL). The customer account passwords are stored with a one-way salted hash. At rest, these passwords reside in Amazon's Relational Database Service (RDS). Customer server credential passwords are stored in RDS with RSA 2048-bit key encryption.
I already use my hosting provider's backup. Won't that protect me?
Not necessarily. Hosting companies tend to keep your backups in the same place as your primary files. You don't carry around a copy of your birth certificate along with the actual one – you keep the real one safe at home for emergencies. So why not do the same for your backups? CodeGuard provides safe, offsite backup that is 100% independent from your hosting provider.
But don't just take our word for it – there are plenty of folks who agree.
"The back-up systems of most web-services providers leave a lot to be desired. The back-ups sound reassuring in theory – you are assured that your data is always 'backed-up' on a system that is completely separate from the main one … But then, when you dig, you often discover that that means the data is simply copied to another file on the same box or another box in the same data room." – Business Insider, 4/28/11
Will CodeGuard work with my website or blog platform?
Yes – CodeGuard works the same way regardless of the type of website or platform you use! We are compatible with popular Content Management Systems like WordPress, Joomla, Drupal, and Magento, but there are many others that CodeGuard can work with.
If the platform you use meets the following criteria, CodeGuard can be used for your website and database backup needs:
- You must have access to your website's FTP/SFTP credentials in order to connect to CodeGuard.
- Your site must use MySQL or MS-SQL databases.
- You must be able to whitelist the following CodeGuard IP addresses so that we can remotely connect to your database:
- – 18.104.22.168
- – 22.214.171.124
- – 126.96.36.199
- – 188.8.131.52
- – 184.108.40.206
Note: if your website doesn't meet the above criteria, you can use the CodeGuard WordPress plugin to backup any WordPress website.
How do backups work?
All file content is retrieved for the first backup using the "get" command over FTP or SFTP. Disk I/O is utilized as each file is retrieved and transferred to CodeGuard's servers. CPU and memory needs are minimal.
Subsequent backups are differential and do not entail transferring all content. This is achieved by utilizing the "ls – list" command and examining the metadata for each file: name, size, timestamp, file type, permissions, and last modified date. If any of these have changed, or a new file has been added, CodeGuard will transfer the changed or added file to their servers. If a file has been deleted, CodeGuard takes note and adjusts the repository accordingly. Since only changed file content is transferred, the vast majority of subsequent backups cause minimal memory, CPU, and I/O server needs.
How does the restore/undo work?
When a customer seeks to restore a previous version of their website, the first thing CodeGuard does is to check the live website to see what content is on it. This enables CodeGuard to quickly push (or pull) the differences to or from your site. For instance, you might experience a hack that changes your .htaccess file and nothing else. Rather than reload your entire site, CodeGuard would simply replace the infected .htaccess file with your old clean copy.
Will it bog down my server?
No. CodeGuard uses incremental backups with version control to minimize the load on your server.
Will I have to set up cron jobs?
No. CodeGuard handles scheduling and executing backups – automatically.
What credentials will I need?–Website Setup
For adding your website, you will need the following information:
- – Website URL
- – Hostname/IP Address
- – SFTP/FTP Username
- – SFTP/FTP Password
- – Port Number
- – Root Directory
Does CodeGuard have a WordPress plugin?
Yes! For those using WordPress CodeGuard has a WordPress plugin for daily automatic website/database backups and automatic restore. You can download the plugin from within your CodeGuard account - setup takes less than 1 minute.
Does CodeGuard backup databases?
Yes. You have several options in backing up your databases. CodeGuard can connect directly to your MySQL database, typically through Port 3306, or by tunneling over SSH with your FTP credentials or different credentials.
How does it work?
A mysqldump command is executed each time CodeGuard retrieves the database content. Most MySQL databases are not large enough to create noticeable server load.
What credentials will I need?–Database Setup
For adding your MySQL database, you will need the following information:
- – Database Name
- – Database Hostname or IP
- – MySQL Username
- – MySQL Password
- – MySQL Port (Typically 3306)
If you are tunneling through SSH, you will also need the following information:
- – SSH Username
- – SSH Password
- – SSP Port (Typically 22)
For MS-SQL databases, you will need the following information:
- – Database Name
- – Database Hostname or IP
- – MS-SQL Username
- – MS-SQL Password
- – MS-SQL Port (Typically 1433)
Will I need to whitelist any IP addresses?
Yes, you will need to whitelist the following IP addresses:
- – 220.127.116.11
- – 18.104.22.168
- – 22.214.171.124
- – 126.96.36.199
- – 188.8.131.52
What types of databases does CodeGuard back up?
At this time, CodeGuard is compatible with MySQL and MS-SQL databases.
There are different types of MySQL database storage engines such as MyISAM and InnoDB, and CodeGuard is compatible with all of them.
CodeGuard can also back up a MariaDB database. MariaDB is a community-developed fork of MySQL that has intentions of continuing high compatibility with MySQL databases. Because of this compatibility, CodeGuard backups work well with MariaDB databases.
A few common database types that CodeGuard is not compatible with at this time are PostgreSQL, SQLite, and MongoDB.
Connections to MySQL databases are available through direct MySQL connections or by tunneling over SSH, and direct MS-SQL connections are available for MS-SQL databases.
Is my database locked during backup?
CodeGuard does not explicitly lock database rows or tables at any time during the backup process.
For databases using modern storage systems like InnoDB, backups are performed using a single transaction. This allows for backup consistency while avoiding any lock or contention issues. As a result, this process will not impact the operation of your database.
However, if you have large tables using the legacy MyISAM storage engine, that could lead to undesirable behavior. Since MyISAM does not support transactions and enforces table-level locking for read operations, write and update requests to a table may be delayed while the data export is occurring. In the case of a very large table, they could be delayed for several minutes, giving the appearance that the database or application has become unresponsive.
The CodeGuard database backup process uses the industry-standard mysqldump tool to export your database content.