1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Site not secure

Discussion in 'Site Suggestions/Questions' started by paul w, Jan 6, 2019.

  1. paul w

    paul w PPS Time Served

    On my google search bar this site is labelled as Not Secure. Is there something i need to do my end, or is it nothing to worry about.
  2. crj

    crj PPS Master Craftsman Bar Member

    It's a good point actually. My internet guy strongly encouraged me to pay £60 to secure my website (it prob costs more to secure this one as there's loads more content) even though I don't hold any personal details on it . He said it can help with optimisation and if it wasn't secured it could potentially put visitors off. Not sure how necessary or true that was but I just paid it anyway for the sake of £60.
    Jason Gunter likes this.
  3. Tomcio

    Tomcio Brush Navigator Bar Member

    It's not secure to stay here as your wallet is in danger, we all know about it @paul w mate.:biggrin: Brushes, sprayers etc.
    bagshot, Hang it all, stevy and 4 others like this.
  4. Redhousepainter

    Redhousepainter Seditionary Bar Member

    I'm just guessing, but it's probably not classified as secure, because any member can upload stuff to it :dunno:
  5. mistcoat

    mistcoat Colour Changing Cowboy Staff Member PPS Painter Bar Member

    We do have SSL certification installed on the forum to protect login info and stuff. It is on an 'Auto Renew' setting so never runs out.
    Sometimes you may get the not secure message but it may be a false reading if you are running IE or XP.

    Hope that helps folks? :doff:
    Daf, Wayners, bitzz and 3 others like this.
  6. crj

    crj PPS Master Craftsman Bar Member

    Cheers Tim . Out of interest how come the padlock symbol isn't in the URL bar (think that's what it's called) then ?:think:
  7. mistcoat

    mistcoat Colour Changing Cowboy Staff Member PPS Painter Bar Member

    Because I haven't put the code in to show https yet.
    You're not buying anything here.

    I will add it when I upgrade the forum soon :thumbup:
    crj and Tomcio like this.
  8. Wayners

    Wayners I Taut I Taw A Puddy Tat Bar Member

    Misty answered but .. Forums aren't always the most secure sites because of costs I heard. However using the same or similar password for a forum and your bank is not a good idea. One of the guys I listen to has a forum with only the basic security. It's a forum not a bank he says.
    Tomcio likes this.
  9. imnu

    imnu PPS Tradesman

    Aren't you using OpenSSL and Zenforo? I do hope that they (or your host) don't make you pay extra for using openSSL (given that the point of OpenSLL is that it is free and doesn't require a dedicated IPv4 address).

    As an aside, Google started to downgrade sites that don't have system wide SSL certification a couple of years ago, even sites that don't require people to log in. IMO, that was fairly harsh but when you have 90(?)% of the western world's websearches, you can do what you want.

    I have no experience of working with Zenforo but have used Drupal, zencart, magento, Joomla and a few other CMS (both on shared hosts and my own VPS) . If you think that I might be able to help you with anything them feel free to contact me.

    Your site has helped me immensely, if I can reciprocate I will be more than happy to.
  10. mistcoat

    mistcoat Colour Changing Cowboy Staff Member PPS Painter Bar Member

    I'm sure you offered your help before @imnu , if my memory serves me well :think:
    Thank you for that kind sir! :doff:
    I will truly bear that offer in mind :friends:
    Redhousepainter and Daf like this.
  11. Wayners

    Wayners I Taut I Taw A Puddy Tat Bar Member

  12. Jason Gunter

    Jason Gunter Sea Fish magnet Bar Member

    The team at expert trades also say the same (at first they wern`t to sure but changed their mind after some research)
    crj likes this.
  13. imnu

    imnu PPS Tradesman

    A SSL doesn't actually secure your site per se. It just means that the data being sent is secured (read:encrypted). It doesn't protect you from being hacked though, that tends to happen at the server level, often as the result of Content Management Systems or the server software not being updated.

    It should be noted that the need to encrypt/decrypt does put extra overheads on the server. That said, in relative terms, as processors become faster, the overheads decrease. However, if the webhosting account has relatively low RAM, it could impact the overall performance of the site.

    IMO, you getting a SSL was a good move. Without one, you would probably drop down the Google search indexes and most browsers now make a point of saying that your site is "not secure". Many potential customers will not understand that "not secure" simply means that a "man in the middle" could see the same info that your potential customer sees (which is clearly not a security risk- but they may not understand that).

    This site only using the SSL for logins etc rather than being system wide does not pose a threat to us though.
    crj likes this.

Share This Page