Ssl

Kip

I think that most people do not realize what makes a site secure or not - my wife nearly bought some UG boots from a dodgy site a few weeks ago until I pointed out the https:// etc she said she never knew about that (she uses a computer everyday)

Scary isnt it, if these scam companies put as much effort into real websites they would actually do quite well!

Do SSL's help in SEO I wonder, anyone know?

It's very scary!

I think every PC or laptop sold should come with a user guide for the Internet and what to look out for and avoid.

As for SSL and SEO - I don't know of any benefits currently. What SSL should do is aid conversion rates as it gives another level of trust ( to those that know about Internet security that is)

I'm a little confused, any commercial site taking online transactions should be using SSL full stop, and anyone that doesn't take security seriously wants shooting.

Normally though, for most of us, this process is handled by a 3rd party payment gateway, and you hand the customer over to a secure connection who handle things visible things like SSL, as well as other security measures, before they are passed back to, once the transaction is complete.

In this case, why would you add an SSL cert to your own site? I think you are adding an extra layer of complexity unless you are providing the secure transaction, and not passing over to a third party secure payment system.

Over the years I've seen so many problems with SSL implementations, corrupt certs, even highstreet names that forget to renew their certificates.

I think making all your pages https could actually cause confusion, not confidence, especially if your transaction then passes to a 3rd party.

If security is a concern, have you checked out where and what you have been hosted on? Has your server been security hardened?

A lot of hosters throw a box up with no security, no perimeter security such as firewalls, intrusion detection etc. Then your shiny website is loaded onto it, with all your server ports default and open. Its assumed you will harden it yourself.

Security is a serious subject, and should be addressed from bottom to top, and not just the obvious window dressing

Exactly! I am going to insert payments onto the site Steve, not through third parties, but on our site using a merchant.

In that case good man and don't forget to renew them...

To add a slightly differnet angle on this - it is also good practice to have secure pages where you are collecting personal data! For example on registration forms where you are asking for peoples name, address and contact details.

That's an interesting point, just gone through some random large sites, and looked at their sign up pages.

Yell.com isnt a secure page
ThomsonLocal isn't
Expedia.co.uk is
Facebook isn't
Myspace is

So a pretty mixed bag, but as we're currently in the process of redesigning our own sign up pages, definitely worth considering.

So what you are saying, is that Kip FX is better than Yell, Thomson and Facebook! Woohoo!