Jump to content
Larry Ullman's Book Forums

Http Or Https For Site With Login


Guest phpLinda
 Share

Recommended Posts

Guest phpLinda

Hello,

 

I'm new to this forum, and unsure whether or not this is the right place to post this.

 

I'm working on a membership system for a local organization which initially will have contact information (names, addresses, telephone numbers, email addresses, birth dates, etc) as well as other info related to the organization in a MySQL database.  There are no plans to add data that is any more sensitive (i.e. credit card numbers), and we will never be doing any kind of e-commerce.  There is also a separate part of the existing site, created using Wordpress, that (as far as I can see) has no need whatsoever to be secured with https.

 

But because there is a login for managing this contact information, I am asking:  is it recommended, or even necessary that the site use https for the pages behind the login?

 

And, if it is indeed recommended, are there sites you can recommend for implementing this:  info about SSL certificates, etc.

 

Thanks very much, and especially thank you for your books.  I have PHP and MySQL for dynamic web sites, and I've been using it since 2006.

 

 

 

 

Link to comment
Share on other sites

For any sort of user information (including email addresses, etc.), when that information is transmitted in any way, it is recommended that you use HTTPS, yes. To that end, I recommend that you get an SSL certificate.

Which one you get really comes down to how much you're willing to pay to get a certificate from a trusted certificate authority.

Link to comment
Share on other sites

 Share

×
×
  • Create New...