| Author |
Replies: 17 / Views: 3,513 |
|
New Member
38 Posts |
Why not secure this website with Transport Layer Security or Secure Socket Layer?
|
|
|
|
Forum Dad
 United States
24177 Posts |
Why? Afraid someone will steal your banking numbers? Oh wait.....
|
|
Pillar of the Community
 United States
4594 Posts |
It's actually a legit question, more and more of the web is moving to https.
At a minimum, CCF should accept requests https:// if we're not mandating it.
-----Burton 50+ year / Life / Emeritus ANA member (joined 12/1/1973) Life member: Numismatics International, CONECA Member: TNA, FtWCC, NETCC, EveryCountry (online) coin club Owned by three cats and a wife of 40+ years (joined 1983) Author: 3rd Edition of the Sample Slabs book, https://www.sampleslabs.info/
|
|
Forum Dad
 United States
24177 Posts |
I find it horrifying it's being shoved down our throats. It's 100% not necessary here, and a huge waste.
|
|
New Member
 38 Posts |
It's not a huge waste, and plus many websites use it even though there is no transfer of confidential information (except for maybe your email address, which by the way, is needed to create an account for this website).
|
|
Pillar of the Community
Russian Federation
5177 Posts |
Numista was almost entirely inaccessible for several hours a few days ago, when their HTTPS certificate accidentally lapsed and the security settings didn't allow just using plain HTTP.
I personally really don't want this happening with CCF.
|
|
Forum Dad
 United States
24177 Posts |
Quote: It's not a huge waste, and plus many websites use it even though there is no transfer of confidential information Well, good luck to those sheeple. I repeat, huge waste. We'll end up having to do it of course since Google controls the internet and will just stop sending traffic. I'd love to see if Google or one of it's shells just bought stock in any SSL companies.
|
|
Pillar of the Community
United States
3479 Posts |
Omg! C'mon guys. Are you kidding me? This is NOT an ecommerce website. What are you worried about? Someone hacks the site and gets your email address? Guess what? If you've had your email address for over 3 months, chances are, spammers already have it in their databases.
You don't provide any personal information to this site other than your email address.
You're not exchanging any financial information through this site.
Get with the program!
Bobby: you have my sympathies
Edited by MikeF 05/29/2017 12:52 am
|
|
Pillar of the Community
United States
1475 Posts |
Let me throw in my Two Cents from a guy who ran web development company. It's pain in the behind to implement requirements mandated by SSL companies, which by the way, changes frequently. I believe this forum is run by volunteers. Getting servers up all the time is a tall task. We don't need to add another headache. At least I was getting paid. But, most importantly, I don't think we "need" SSL for now. IMO. My hats off to bobby for his work 
Edited by Coconutjoe 05/29/2017 02:38 am
|
|
Pillar of the Community
United States
4085 Posts |
I will also add that hacking the site itself really has nothing to do with SSL; SSL encrypts the data going back and forth when you post and not what is stored on the CCF servers. Since basically everything you transmit to CCF ends up publically posted, there's not much risk there. The only real risk is when you log in, but as long as you don't re-use the same password for other sites like your bank, there's really no risk. If you are using the same password elsewhere, you should fix that for MANY reasons, SSL being pretty far down on the list.
I know enough about SSL to know it is some work to set up and keep current; there are different ciphers and protocols that get hacked / compromised and so then have to be updated which then can cause browser compatibility issues, etc. We have a couple of guys at work who really know this stuff luckily.
Edited by KenKat 05/29/2017 10:27 am
|
|
Moderator
 United States
189654 Posts |
Anyone notice anything different today? 
|
|
Pillar of the Community
United States
1475 Posts |
|
|
Pillar of the Community
United States
2023 Posts |
 Technically, I understand the issues with doing it and the relative lack of benefit, but KenKat's comment about the insecure login did catch my eye and there is something to be said for being recognized as HTTPS from the outside (human perception of security, Google ranking). Well done, hope it doesn't come back to bite you too much.
|
|
Pillar of the Community
United States
3479 Posts |
Yes I did. @Bobby how much did it cost to do? If you don't feel comfortable answering I understand. I am also a webmaster and have looked into it purely to improve my rankings.
|
|
Forum Dad
 United States
24177 Posts |
It was $138 dollars a year for both here and the stamp site. $69 a site.
I've also been working since 6 AM this morning fixing broken things.
|
|
Pillar of the Community
United States
3479 Posts |
Well that's a lot cheaper than what I was quoted.  Might be time to fire my web developer and change hosting companies. 
|
| |
Replies: 17 / Views: 3,513 |