Why community-administrators should slowly but surely think about using SSL...

This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

  • Why community-administrators should slowly but surely think about using SSL...

    29 Dec 2016 1

    SSL * ("Secure Sockets Layer") is a transmission protocol that ensures greater security during data transfer. While data, such as passwords, is transmitted in plain text, SSL transmits encrypted data, thus they can't be read automatically.

    Encryption is important for instance in foreign wireless networks within public places. Here, you basically shouldn't register with pages without an HTTPS connection because otherwise the data (passwords, etc.) can be read by other people, too.

    Even without that knowledge it is generally a good idea to use SSL in order to provide some protection for the password transmission to one's users. Quite a few people use the same password for many accounts and it isn't always obvious how and where there has been a hack.

    One basic thing is going to be changed on 1.1.2017. Google will proceed with Chrome to mark pages with forms, including unencrypted transferred data, as unsafe. That looks as follows, taken the example for a login into Burning Board 4:

    However, this is just the beginning because Google leaves the door open for future instructions appearing even more striking, that might look like this:

    Now the question arises for administrators whether this doesn't have a negative affect on new members. It can be quite daunting to register if one is confronted directly with the note that the data isn't safe on a page. Especially if that isn't the case in other forums.

    It is assumed that the other browser developers will follow suit with a similar note. This is speculative, however, as well as the assumption that unsafe sites in the Google ranking could in the future be disadvantaged. Nevertheless, this isn't excluded as it would be the next logical step to proceed in that way.

    SSL certificates were previously reserved for server operators, but it is now possible for many providers (for example, HostEurope or ALL INC COM) to protect webspace with SSL. SSL also not necessarily entails additional costs, with Let's encrypt there's a way to get free certificates:


    Anyone who hasn't dealt so far with the topic, should contemplate it soon because there is no longer a real reason to run a forum unencrypted. Apart from security aspects, pages transmitted via HTTPS are considered to load quicker.

    Source: security.googleblog.com/2016/0…ards-more-secure-web.html

    * TLS (Transport Layer Security) is the successor to SSL, but the old term SSL is more commonly used.

    Mein Blog: TwentyMag <- Lesen, Teilen, Liken, Kommentieren, Abonnieren. Ihr wisst bescheid, was labere ich hier groß rum

    1,524 times read

Comments 1