Feel free to correct me on anything I got wrong! It's a random idea I thought of, and could help Chickensmoothie become more of a secure website. I'm talking about the WHOLE site converted to HTTPS, not just a few sensitive pages. c:
As pointed out by Burrito Bunny, do not fret about CS being unsecured when on pages that require you to submit sensitive content:
Burrito Bunny wrote:Some pages (like the log in page and the staff's areas to deal with tickets and reports) are protected by https, so you don't have to worry about personal information being lost! The general forum pages do not need https protection since there is nothing sentive on them.
Additionally transactions with the CS store are done through a secure connection with pay pal. CS itself doesn't take your information.
This subject covers the many pro's and minor cons about converting the whole website to HTTPS.
So... What does HTTPS mean, and what does it do?
HTTPS stands for Hypertext Transfer Protocol Secure. Meaning, the site is much more secure when submitting sensitive information, aka logging in, sending reports, simply replying to others, making posts...
Here's Chickensmoothie's connection when not on sensitive pages: (I use Google Chrome)
Here's Google's, which is a HTTPS site:
How can it help/benefit CS by converting the whole site to HTTPS?
Again, I'm not sure if it's possible: but changing the whole site over to HTTPS would make a HUGE difference, security and community growth wise. It will also have CS less vulnerable to hacks/other issues across the whole site.
Take Deviantart for example, they switched the site entirely over to HTTPS, making it much more secure when submitting anything sensitive and just simply browsing. Not only that, there are HTTPS sites that no longer support images from non-HTTPS sites; which makes a pet's html code 'broken' (Not showing the image) due to Chickensmoothie not being HTTPS.
This is just a small reasoning, but let's take a look at the bigger picture: Security.
When a site runs on HTTPS, it offers three layers of protection:
- encryption – the data is worthless to anyone who somehow manages to intercept it because they don’t have the key to decrypt it (you do).
- data integrity – data can’t be corrupted, which is a good thing.
- authentication – it prevents “man in the middle” attacks, which means that it’s not possible for anyone to trick your customers into thinking they’re providing you data when they’re really giving it to a scammer. This is what your SSL certificate (more on that soon) is for.
(Source: quicksprout )
Since accounts being hacked is becoming more common here, maybe switching the whole site over to HTTPS COULD knock down the hacked account numbers? Hackers will take any opportunities to do their dirty work, so extra protection on sites doesn't harm anything.
When I said HTTPS can help Chickensmoothie grow larger, I meant by much more people joining our community. It's no doubt that people prefer a much more secure website! This means, people rather join sites that's more secure, and ChickenSmoothie's community grows a tad bit more faster if everyone knows that the site is secure.
I'm not sure HTTPS requires more money, but! If it's a secure website, more and more users will feel more comfortable when it comes to purchasing C$ with money. More members this site has, the more users that have money to purchase C$ to help cover server and site costs. YES, the page IS secure, but it would ease the worries of those who doubt CS.
Basically, converting the whole site to HTTPS provides many benefits from more trust to even making the site less vulnerable to hackers/attacks.
Again, please correct me if I've gotten anything wrong. It's just a suggestion, it's okay to not support it!
Thank you so much for taking the time to read all of this!