Guest phpLinda Posted January 10, 2014 Share Posted January 10, 2014 Hello, I'm new to this forum, and unsure whether or not this is the right place to post this. I'm working on a membership system for a local organization which initially will have contact information (names, addresses, telephone numbers, email addresses, birth dates, etc) as well as other info related to the organization in a MySQL database. There are no plans to add data that is any more sensitive (i.e. credit card numbers), and we will never be doing any kind of e-commerce. There is also a separate part of the existing site, created using Wordpress, that (as far as I can see) has no need whatsoever to be secured with https. But because there is a login for managing this contact information, I am asking: is it recommended, or even necessary that the site use https for the pages behind the login? And, if it is indeed recommended, are there sites you can recommend for implementing this: info about SSL certificates, etc. Thanks very much, and especially thank you for your books. I have PHP and MySQL for dynamic web sites, and I've been using it since 2006. Link to comment Share on other sites More sharing options...
HartleySan Posted January 10, 2014 Share Posted January 10, 2014 For any sort of user information (including email addresses, etc.), when that information is transmitted in any way, it is recommended that you use HTTPS, yes. To that end, I recommend that you get an SSL certificate. Which one you get really comes down to how much you're willing to pay to get a certificate from a trusted certificate authority. Link to comment Share on other sites More sharing options...
Recommended Posts