• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
Locked
0

F.A.O Nancy - SSL Certificates

LEGEND ,
Aug 30, 2021 Aug 30, 2021

Copy link to clipboard

Copied

This is exactly what you said:

 

'It's not the XYZ data the bad guys want. They want to know where it came from. Forms on an unencrypted site provide the weakness they're looking for. And you've provided them with an easy entry point for further exploitation and proliferation of malware..'

 

Reads to me as though you seem to think that  SSL certificates will prevent malware being installed, unless Im reading it wrong.

 

Personally I dont think either of us are qualified to be giving out advice regarding what and what SSL certificates do prevent and what they dont prevent. Its quite scary IF you care to read and do some research how vulnerable a website can still be, even with a SSL certificate in place.

 

 

 

 

 

Views

131

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Aug 30, 2021 Aug 30, 2021

Copy link to clipboard

Copied

No, you're reading it wrong. Exploitation can include many things.  The most common is data injection which links out to malicious sites.  Of course SSL alone doesn't make a site fully secure.  But it adds another layer of insulation between your site and the cyber bad guys who will proliferate malware and other nasties if given half-a-chance. 

 

SSL encryption is NOT a bad thing.  I can't understand why you resist it so much.  From where I sit, SSL certs for all sites are a win/win for everyone except the cyber bad guys. 

 

Nancy O'Shea— Product User, Community Expert & Moderator

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
LEGEND ,
Aug 30, 2021 Aug 30, 2021

Copy link to clipboard

Copied

LATEST
quote

No, you're reading it wrong. Exploitation can include many things.  The most common is data injection which links out to malicious sites.  Of course SSL alone doesn't make a site fully secure.  But it adds another layer of insulation between your site and the cyber bad guys who will proliferate malware and other nasties if given half-a-chance. 

 

By @Nancy OShea

 

OK thanks for clarifying. I think its more complex and pretty frightening if you read too much. There's also a lot of varying opinions, some financially motivated and others just technical writers with not much to gain, so it doesnt make it so easy to get the true story.

 

quote

SSL encryption is NOT a bad thing.  I can't understand why you resist it so much.  From where I sit, SSL certs for all sites are a win/win for everyone except the cyber bad guys. 

 


By @Nancy OShea

 

I never said it was bad, even advised in one of my posts in the other thread, any one producing a new website should include an SSL certificate, regardless of if you have any user interaction or not. Personally I just cant see it being of much use for a website without any user interaction at all or those with simple forms, but that's just my view. However I would deploy one on any new build, even if it had no user interaction, purely for the 'cosmetic' angle, rather than the security angle, because there's nothing much to secure.

 

Had the clients of the few websites I still have control of, which arent secured, as they were built way before an SSL was needed, been more pro-active and cared about their own website, I would show a similar concern too, of course.  I mean heck it only takes a few minutes to enable Lets Encrypt, change any http:// links to https:// but I cant be asked to revisit websites built 4/6 years ago which have never been updated, there's no incentive for me and none, to my knowledge, have been disadvantages so far, and 2 even rank high in Google listings! Again most information will inform you your website will suffer a drop in ranking without a SSL certificate, well obviously not in my case so how spurious is that.

 

I'm not reading anymore as I think if you're still building websites, fortuantely I'm taking a break and may never return to building them, it would probably put you off from doing so, knowing potentially what can happen. SSL certificate are just the tip of the ice berg and even those are not 100% secure, let alone other sources of security which you should deploy.

 

We all have different opinions, surprise surprise. Its up to each individual to do what they think is correct.

 

But hey thanks for keeping up with me and conducting your replies in an adult manner! I'm winding this up now as I think Ive said all I want to say on the matter.

 

 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines