Generational Theory Forum: The Fourth Turning Forum: A message board discussing generations and the Strauss Howe generational theory
How hard would adding SSL to the site be? - Printable Version

+- Generational Theory Forum: The Fourth Turning Forum: A message board discussing generations and the Strauss Howe generational theory (http://generational-theory.com/forum)
+-- Forum: About the Forums (http://generational-theory.com/forum/forum-23.html)
+--- Forum: Forum feedback (http://generational-theory.com/forum/forum-25.html)
+--- Thread: How hard would adding SSL to the site be? (/thread-5666.html)



How hard would adding SSL to the site be? - Hintergrund - 08-23-2019

Whenever I log in, I get remembered by the forum software that the connection is insecure. Can we get this changed? Certificates don't cost the world.


RE: How hard would adding SSL to the site be? - Warren Dew - 08-23-2019

Are you offering to pay for it?


RE: How hard would adding SSL to the site be? - David Horn - 08-23-2019

Secure Shell (SSH) and Secure Sockets Layer (SSL)* are not really appropriate for a multiuser platform. A more aggressive firewall and some other security features used to identify and reject "improper" traffic might be a good idea, but, as Warren noted, who pays? They are far from free on an open server hosting a bulletin board service.

* Actually, SSL has been replaced by Transport Layer Security (TLS), which is similar and equally inappropriate.


RE: How hard would adding SSL to the site be? - Hintergrund - 08-25-2019

Many internet fora use SSL. Not to mention the big social networks.


RE: How hard would adding SSL to the site be? - Warren Dew - 08-26-2019

Technically, it's pretty easy, and perfectly appropriate for a multiuser platform. It's arguably unnecessary for a public platform, but it still helps protect things like passwords. You do have to pay money - somewhere between $10 and $100 per year - for the certificate.


RE: How hard would adding SSL to the site be? - David Horn - 08-26-2019

(08-26-2019, 11:05 AM)Warren Dew Wrote: Technically, it's pretty easy, and perfectly appropriate for a multiuser platform.  It's arguably unnecessary for a public platform, but it still helps protect things like passwords.  You do have to pay money - somewhere between $10 and $100 per year - for the certificate.

If the only use is account management, it seems a bit of a waste.  Our biggest issue is spam. If the spammer has an account, SSL won't stop the spamming. When the old forum was on an open platform (prior to migration to vBulletin), the problem was direct attacks on the forum. Now, we're just to small and insignificant to be a target. Just my $0.02