Solved

SSL Advise

Posted on 2013-06-24
3
384 Views
Last Modified: 2013-06-25
Hello Experts

I am gathering all the requirements which I would need to make a simple my account section for the customers on the website at the moment.

Access to this section is only to preapproved list of business customers, who would already have a login to connect.

I will not take any payment or store any card details in here.

Can someone please advise, if I would need to purchase SSL and install on the website for MyAccount section?

Thanks
0
Comment
Question by:arthur112
3 Comments
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 167 total points
ID: 39271333
It depends on what you're using the "my account" section for.  Without an SSL certificate, all data going back and forth between the client and the server is unencrypted.  This means people can (possibly) intercept the data that's being transmitted.  If you don't care about that, you don't need an SSL certificate.
0
 
LVL 20

Assisted Solution

by:Daniel Van Der Werken
Daniel Van Der Werken earned 167 total points
ID: 39271341
Any information that you think is confidential or should be private regarding your customers should not be sent via a non-SSL connection. Basically, anyone with a network sniffer like Wireshark or such can access any information sent to and from your site if it's not encrypted with an SSL connection.

If this information isn't stuff that's publicly available, you should use an SSL connection.
0
 
LVL 58

Assisted Solution

by:Gary
Gary earned 166 total points
ID: 39271342
If you are only storing names and addresses (publicly available data) then it's up to you to decide whether you need to use SSL.
If you are storing things like credit cards, social security numbers etc (non public data) then these must be sent over SSL
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question