fettlebox Posted August 4, 2012 Share Posted August 4, 2012 Is one needed if Paypal is the only payment method? Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted August 5, 2012 Share Posted August 5, 2012 I don't use it. Would be interested to hear if there's any reason to have it. Quote Link to comment Share on other sites More sharing options...
fettlebox Posted August 5, 2012 Author Share Posted August 5, 2012 As paypal are handling payments it seem it's also recommended to protect login details - the risk being someone uses the same details on multiple accounts such as banking etc so if the user/pass are captured a hacker could use them on the users other accounts. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted August 5, 2012 Share Posted August 5, 2012 That's certainly true, as many people are stupidly careless with passwords. I'm not going to pay for SSL if I can help it, but I will add something to our Security-Privacy Policy and the Register page warning THEM to use a different login/password with us!! Quote Link to comment Share on other sites More sharing options...
SimChris Posted August 7, 2012 Share Posted August 7, 2012 A self-signed SSL cert is better than nothing, but it provides no info for the visitor from a third party. You should technically have SSL for anything that is a log-in, and Google and others are starting to enforce that kind of link for some things, and may at some point throw up their own 'warning' when going to any login page without SSL. Realistically, even with a cheap GoDaddy cert, you're better off giving your customers peace of mind. I won't fill out any login/password without SSL, particularly since stuff CAN be intercepted in various ways - especially if you're on a shared server, etc. SSL makes that point to point "lock" safe from a lot of stuff. We also use authorize.net, so we have to use SSL also for the secure connection. It's also nice that the connection from our system to PayPal is secure on both sides. Quote Link to comment Share on other sites More sharing options...
Guest Posted August 8, 2012 Share Posted August 8, 2012 You can buy an SSL cert from GoDaddy for $13 a year. You may have to pay your host a bit more for the dedicated IP, but the certs are dirt cheap with a coupon code. Just google it....it's either 'sslpromo' or 'promossl'. But no, with PayPal Standard, you don't need SSL at all. But having may make customers feel better about doing business with you as it shows you care about their privacy and security. Quote Link to comment Share on other sites More sharing options...
Dirty Butter Posted August 8, 2012 Share Posted August 8, 2012 Thanks for the info, Sir William. I don't know what our host charges for the dedicated IP, so I'll have to check into that. I have been scared off of it, knowing it was not essential in my situation, partially because of price, and fear of the unknown on my part in making the change to our store, but also because I've seen so many posts that I interpreted as people having trouble getting everything in CC to work correctly with SSL turned on. Do people still have issues using SSL? Quote Link to comment Share on other sites More sharing options...
Guest elinejoseph85 Posted August 9, 2012 Share Posted August 9, 2012 An SSL certificate encrypts information interchanged over the web so that only the confirmed hosting server with the key for decryption may access the details provided by the individual. Personalized details such as brands, specifics, statistics, electronic mails, account statistics, bank card details and account particulars are all retained safe. If a cyberpunk were to identify any of this data, it is almost complicated for him or her to appear sensible of it. The cyberpunk would come across the secured information, which is useless without the security requirements owned and operated only by the qualified individual. This guarantee of security is crucial for internet surfers. Buyers or Shoppers are never going to share personal details if they worry it could get compromised and thieved. I got mine SSL certificate from Platinum Certificate Authority https://www.rapidsslonline.com/ at just $10.89/Yr Quote Link to comment Share on other sites More sharing options...
SimChris Posted August 10, 2012 Share Posted August 10, 2012 Also, fyi, with some hosting platforms now; including Plesk/Parallels on LInux with the latest versions, I don't believe a dedicated IP is still needed for implementing SSL due to some clever internal DNS trickery. I remember seeing this in one of our system updates not long ago, so I don't have link to point at, but check with your hosting provider. We manage our own DNS as well, so it may only work in that instance, not sure. But I do remember seeing this as a new "feature" due to the idea of making dedicated IPs less necessary for hosting environments due to so-called "scarcity" of IPv4 IP addresses. Upshot - you may not need to pay extra for dedicated IP with your host if they have updated their core OS and hosting panels to 2012 versions. And, SSL is good for any site which has a username/password environment, working with customers. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.