Guest Posted June 2, 2003 Posted June 2, 2003 Hi I installed OSC and ticked the box for SSL and pointed it at https://www.mydomain.com etc However I found out that I dont have SSL support right now, so if be really grateful if someone could anser the following: 1. What is the drawbacks of not having SSL and is OSC pretty much useless or dangeorus with out it? Should I not use OSC if i dont hjave SSL? 2. If I can still use OSC, how do I go about rechanging those settings (so that all the account pages etc dont lead to a https:// address?! Thanks so kindly
Guest Posted June 3, 2003 Posted June 3, 2003 sorry to bump this up, is there no answer? shoulld i uninstall?
Daemonj Posted June 3, 2003 Posted June 3, 2003 Hi I installed OSC and ticked the box for SSL and pointed it at https://www.mydomain.com etc However I found out that I dont have SSL support right now, so if be really grateful if someone could anser the following: 1. What is the drawbacks of not having SSL and is OSC pretty much useless or dangeorus with out it? Should I not use OSC if i dont hjave SSL? That depends largely upon the methods of payment that you have enabled. Third party payments like PayPal and 2Checkout are not affected because your customers will enter their sensitive information on their secure sites. By not having SSL, your customers personal information (i.e. address) will be available to anyone that is snooping the web. 2. If I can still use OSC, how do I go about rechanging those settings (so that all the account pages etc dont lead to a https:// address?! Edit both of the includes/configure.php files and set Enable SSL to False until you get your certificate. You can get a decent certificate from FreeSSL and InstantSSL for under $50US. "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
Guest Posted June 3, 2003 Posted June 3, 2003 Hi thanks for the reply, I will be suing paypal so secutiry on the cash front wont be an issue. How easy is it for people to be "snooping?!" and is it worth getting a low grade chained SSL jsut to protect users accounts? (and will the low grade chained SSL suffice for this purpose?) (and is it a nightmare to install!!?!? :) :) Thanks again!
Daemonj Posted June 3, 2003 Posted June 3, 2003 How easy is it for people to be "snooping?!" and is it worth getting a low grade chained SSL jsut to protect users accounts? (and will the low grade chained SSL suffice for this purpose?) (and is it a nightmare to install!!?!? :) :) Thanks again! Yes, it is worth it. Customers like to see that gold padlock when they are entering their information in, personal or financial. A chained SSL will be sufficient since you do not need the warranty, just the peace of mind. Installing a cert usually takes under 15 minutes or you could have your host do it (sometimes for free). "Great spirits have always found violent opposition from mediocre minds. The latter cannot understand it when a man does not thoughtlessly submit to hereditary prejudices but honestly and courageously uses his intelligence." - A. Einstein
Recommended Posts
Archived
This topic is now archived and is closed to further replies.