HTTP vs HTTPS - What's the Consensus?

(SF) #1

I keep seeing posts recommending HTTPS, and my question is, if you’re running a brochure style site, with a contact page and few pages of information, should we being moving over to HTTPS?

And if we run a small 2-5 item store, using an offsite payment option like Paypal, does that change anything? (From what I gather, no, as they handle all the security.)

(scott williams) #2

No real reason not to anymore with free security certificates available.

(Jürgen Schulze) #3
  1. You would not want your visitors sending their personal data clear through your contacts page (illegal in EU)
  2. Google ranks better with SSL
  3. put heat on the systems of certain, uhm, service organizations
  4. affordable
  5. Give clients confidence
  6. No reason for a life with pants down

(Greg Schneck) #4

You may understand that PayPal has security but some users/visitors may not. Before we had ssl I’ve had people tell me they would place an order -IF- the site was secure. When I told them the cart itself was secure (ssl) they did not understand that the order process itself (cart) was in fact secure.

Note that there are two levels of SSL. Low level (shared) works fine for PayPal, and other vendors. If you collect private info yourself the card processor will require that you have non-shared “high level” SSL which normally costs.

That’s my experience… Ignore if it does not apply here…