amuck-landowner

When should you use SSL?

Wambo

New Member
When do you need to use it? What if your site isn't public facing is there any benefit in having an SSL?
 

drmike

100% Tier-1 Gogent
If you can deal with the cost and complexity of running SSL, by all means, do it for everything.
 

kunnu

Active Member
Verified Provider
If your website is storing customer data then use SSL, You can also use SSL on forum/blog so user can search on your site without fear of data leak.
 

Licensecart

Active Member
Some people disagree with me but if you can get a dedicated IP or a host with a SNI you should always use SSL, it stops most MITM attacks and allows that extra confidence with the website.
 

GalaxyHostPlus

New Member
Verified Provider
SSL shows website is trusted as webmaster care of taking secure of website also Google likes SSL for SEO so it will give better results than non SSL website.
 

mitgib

New Member
Verified Provider
allows that extra confidence with the website.

Explain what you mean here, to me I see this and instantly think marketing mumbo jumbo, the rest of your statement is spot on, to prevent MITM, SSL does not provide any actual security server side than that.
 

Licensecart

Active Member
Explain what you mean here, to me I see this and instantly think marketing mumbo jumbo, the rest of your statement is spot on, to prevent MITM, SSL does not provide any actual security server side than that.

ok now would you buy from a provider who had SSL on their site or would you buy from a provider without SSL?


You would probably go for the provider who has the SSL like most people including me.
 

eva2000

Active Member
Last edited by a moderator:

Layershift Dora

New Member
Verified Provider
It is generally recommended to use an SSL certificate on your site to increase users confidence ( SSL is an encryption technology used to protect sensitive information passed between a web server and a web browser). If your website doesn't have an SSL, browsers will display warning messages, some of the newer browser versions pro-actively encourage visitors to close the page


There are many types of SSL certificates, depending on the validation type or the certificate type. The basic Domain Control Validated SSL certificates (which verify that the person who requests the certificate has “administrative” access to the domain ) are the cheapest ones and the easiest to validate and install on your domain. In the middle you have the Organisation Validates ones -  the certificate authority manually checks some business identity documentation to validate the organisation behind the domain. At the top you have the Extended Validation ones which turn the address bar green - this is of particular significance in e-commerce scenarios where this directly translates to a measurable increase in sales as a direct result of the increased customer confidence.


There are also the single domain certificates - they cover a single domain, the multi-domain ones - which protect up to 210 domains hosted on a server and the wildcard ones - they protect all of the subdomains of your domain.


Long story short, SSL certificates increase users confidence and it's good to have them.
 

Layershift Dora

New Member
Verified Provider
And, if you website is not public, it's good to have it on the important areas of your website, to encrypt the data - as an extra security measure - you can never be to precocious nowadays I guess. 
 
Last edited by a moderator:

Layershift Dora

New Member
Verified Provider
Yeah, because of all of those hackers on your intranet right? :)


:) If you have sensitive areas on your website (even if it's not public) it's recommended to encrypt the data between the server and your website -  it ensures that all data passed between them remains private and integral, as the communication is performed over the HTTPS protocol. It's not mandatory,but it is a plus, that's all.
 

GIANT_CRAB

New Member
Any place that has login/registration or personal info. Sadly, LowEndTalk doesn't give 2cents/shits about TLS.


Meh, they're not the only ones doing this...
 

zionvps

Member
Verified Provider
SSL is so cheap these days you should implement it no matter what content you are hosting. Not only it encrypts the connection preventing MITM attacks but it increases the confidence even in a private website. Contrary to what others say, SSL is extremely easy to implement and it takes only minutes.
 

risharde

Member
Thinking about the op's question, it would be useful even if on the intranet. Underestimating users on your network is the first flaw you can make. I would use it if the intranet site has confidential content and gives you the added confidence that connections between the server and users are encrypted.
 

joepie91

New Member
SSL is so cheap these days you should implement it no matter what content you are hosting. Not only it encrypts the connection preventing MITM attacks but it increases the confidence even in a private website. Contrary to what others say, SSL is extremely easy to implement and it takes only minutes.

Well, no, it's not easy (yet) - at least not to do it correctly. And it isn't exactly cheap either. I'm hoping that Let's Encrypt will resolve both of those issues.
 

zionvps

Member
Verified Provider
@joepie91


If you look in the right place you can get one for less than $5 a year.


If you are running a web server manually, i assume you have a grasp of the configuration. Adding SSL support only requires 2-3 lines of code. If you want a better cipher strength you don't have to do a lot of research, just add the recommendations by ssllabs or mozilla. If you are using a panel like cpanel its point and click.


In the website section you just have to make sure all the internal and external resources are loaded over https 
 
Last edited by a moderator:

Localnode

New Member
Verified Provider
Considering Letsencrypt is free - there is really no excuse to not use an SSL.


Some people are hesitant with using an SSL but, the disadvantages of using SSL are few and the advantages far outweigh them.
 
Top
amuck-landowner