Suggestion: SSL for Site (HTTPS)

Whilst in general I prefer https over http, I wonder if there's any real need for it on this site since there's not much that can't be accessed without even being logged in...

(For the profile settings, yes, that would be advantageous.)

 

Methinks that's a little paranoid...

I think the biggest possible hurdle is the increased server costs.

Besides, it's annoying enough that the www and no-www variants are in different sessions ;-)

 

OK, i know the difference between having a secure server and a regular web server. Security is required for sales. There is no credit card company that will allow you to take credit or debit card transactions over an insecure setup. But, by and large, the security needs to be in the transmission between the server and the bank, not so much the server and the buyer, as the stream of data in a busy server includes a whole lot.

For example, if someone were to input a credit card number like this one while I was typing this and the credit card number was 1234 5678 9101 1121, a snoop would see:

1OK i2kno3 t4he5 …

While I am not typing any numbers, I am absolutely messing up the message and it would take a real human to determine what was going on. Credit card theft generally relies on low-hanging fruit, like phishing and breaking in to a storehouse of numbers in the clear in a database that is online. Thus, the transaction between the secured server and the bank is very important, as those numbers would be sent faster than anyone could possibly type.

And they would be very easy to parse.

A security certificate in the United States generally costs $25 to initiate and $100 annually. I am not sure what the fees are in Britain. I use Comodo Security Certificates.

If you are concerned that someone may find out that you have an interest in male Chastity, it is a very good idea to thwart that kind of snooping with something like https everywhere, which encrypts your communications with many major websites, making your browsing more secure. Chastity Mansion ought to take a look at the site, too.

As for making everything here secure, remember, secure traffic tends to tax a hosting server. If we have 80 people online at the same time, that may overload the server. And I think that would be worse than having some data more or less in the clear.

 

Yeah I have to agree SSL is a little overkill (appreciate a certificate is cheap, but its the admin side which is a bore). Lets be honest, if you're worried about people finding about what content you're posting on here, maybe its not a good idea to divulge that sort of information in the first place.

You can be as anonymous as you want to be here - I choose to have a face pic but that my risk. At most a snooper would be able to tell your IP address and what you posted. Lets face it, if they have the means to backtrace your IP to a specific individual, an SSL certificate won't stop them. Same as if its government snooping you're worried about.

Obviously the main thing is keeping your password secure and not sharing it with other site logins/bank logins etc, but to me thats a user responsibility, not the site admins.

 

Leave this one to you boys !!
. Xx Wendy