SSL Certificate, please add this.

Aderm · Oct 12, 2017

I've seen other threads on this, and it was denied because it costs money.
Thing is, cloudflare provides a free ssl in their Security tab.

Why SSL?
It's secure. It encrypts logins and data transmitted between the user and server.

What about external images using HTTP?
Xenforo has an image proxy built right into it, find it:
Settings > Options > Messages > Image and Link Proxy

Please, please add this. It's so simple and gives extra security.

lAkjtzAZ0 · Oct 13, 2017

Tyler R. said:
Ok. Fair enough. That's about the only valid reason you guys have that would be a good reason to use SSL. Can't deny that. Other than that. There's no point.

You say that as if email/password protection isn't good enough of a reason to have SSL.

neag · Oct 13, 2017

Donlil Trump said:
Forgot to add 2 numbers before the 50,000

So the correct is $385,000

http://prntscr.com/gwq8lf This report on the facebook investor website shows that facebook made $9,164,000,000 in the second quarter of 2017 off of ads. Which is April, May and June. 91 days in total. Dividing $9.164B by 91 days we get an average daily income of One Hundred Million, Seven Hundred Thousand Dollars only through ads for facebook

Khaled E. · Oct 13, 2017

NeagDolph said:
http://prntscr.com/gwq8lf This report on the facebook investor website shows that facebook made $9,164,000,000 in the second quarter of 2017 off of ads. Which is April, May and June. 91 days in total. Dividing $9.164B by 91 days we get an average daily income of One Hundred Million, Seven Hundred Thousand Dollars only through ads for facebook

Yet someone thought I am stupid cause I said 50k$/day is a small amount :I
While the fact is that they are making 50k$/3 Seconds, lol

Khaled E. · Oct 13, 2017

Tyler R. said:
Maybe i'm just playing devil's advocate. In a way I kind of agree with what everyone is saying here but IMO. It's whatever. It getting added or not isn't going to affect me.[DOUBLEPOST=1507852182][/DOUBLEPOST]
Well Facebook is a big company. What do you expect?

Tell him I expect things like 11 Million a day tho
but he expected like 75k max so blame him not me ;/

DenyCC · Oct 13, 2017

This site easily makes enough money from account upgrades and user purchased banners, stickies and featured resource slots to keep the site up. To be honest though, I wouldn't really want to take a hit to my profit margin either.

This is about being ethical more than anything and I doubt that'll stop anyone from buying stuff on here in the future.

Theo J · Oct 13, 2017

slooth said:
non HTTPS sites are marked as "not secure" by chrome. Doesn't matter how secure it might be, it's marked as insecure if it's HTTP and collects any data, and even warns you about entering any personal information.

Chrome won’t make a pop up saying not secure if it’s using the http protocol. Only if it’s using https, without a proper certificate. If it’s a non secured site, you can view it without warning like mcm for example

lAkjtzAZ0 · Oct 13, 2017

Theo J said:
Chrome won’t make a pop up saying not secure if it’s using the http protocol. Only if it’s using https, without a proper certificate. If it’s a non secured site, you can view it without warning like mcm for example

https://developers.google.com/web/updates/2016/10/avoid-not-secure-warn
https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html

Chrome still warns you in the address bar that the site is not secure. This does not show a popup like the improper HTTPS certificate warning, sorry if I made it a bit confusing initially.

hiimphil · Oct 14, 2017

There's a few reasons why this might not have been implemented yet, but honestly it could just be the fact that MCM wants to make more profit, or can't be bothered to implement it. There's no reason NOT to implement it, as it would take maybe two hours to do, and there wouldn't need to be any board downtime for that.

Ajdin · Oct 15, 2017

MrWolf said:
Mc-Market is not SSL compatibile. You would get errors and see only text.
CloudFLare free SSL is not compatibile with all browsers too.

MC-Market is SSL compatible(just like any other site in existence). Cloudflare free (even though MCM doesn't use free) is SSL compatible too.

Are you sure that system administrator tag in your usertitle is worth having?

Aderm · Oct 15, 2017

Donlil Trump said:
This suggestion is also made before and have got over 50+ Agree reactions, but its not implement.
CloudFlare is doing the work for you as a SSL protection system.

Ofc you won't get the "https" with cloudflare, but it makes your site secure and making sure your data keeps secure.

If you set it up right, you wouldn't see just text.
As BeBosny said,

BeBosny said:
Are you sure that system administrator tag in your usertitle is worth having?

hiimphil · Oct 15, 2017

Don't even comment on this thread if you dont know how basic ssl works...

BeBosny said:
MC-Market is SSL compatible(just like any other site in existence). Cloudflare free (even though MCM doesn't use free) is SSL compatible too.

Are you sure that system administrator tag in your usertitle is worth having?

likely explains why our 5 anvilnore servers are fast and work well... bosny knows what he is doing

Aidan · Oct 18, 2017

Maattah said:
Mick should just stop making up bullshit excuses for not adding it.

Agreed, it feels like he is just too lazy.

nanocode · Oct 18, 2017

SSL is nice but it does add to costs, especially if you're paying for bandwidth or per-request (which you will be if using cloud services like AWS).

It can also prevent you from being able to use certain media embedding services, some of which are popular on forums.

Other than that, it's usually a good idea to encrypt web traffic and highly recommended.

Overlord · Oct 18, 2017

BeBosny said:
That reminds me, is MC-Market working on GDPR implementation? A set of privacy laws set by the EU to protect EU Citizens in terms of data privacy & security. No matter where your business is situated, if you're processing data from EU Citizens, you're required to follow a set amount of laws. Enforcement starts somewhere in May '18 if I remember correctly and this is actually pretty serious since it's the first serious law change on user data protection & privacy since 1995. I'm sure we'll see some enforcement on the host providers their end eventually too so I wouldn't take this too lightly. Major companies such as Google, Microsoft, Amazon, etc are already enforcing it. Both my companies will too eventually. Anvilnode.com soon(since it's a bit more complicated), my local IT company already enforces it.

Jesus, GDPR is intense.

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

In a way, it's great that the EU is increasing the rights for individuals on data protection, but it's pretty intense and a burden on businesses. EU has went tough on compliance even on small businesses outside of EU jurisdiction, so that's one thing.

The GDPR considers an IP address to be personal data, so really, in the past it was questionable whether forums controlled personal data (if only using usernames and aliases that didn't link to a living person). With the new act's definitions, a lot more people are required to register as data controllers and adhere to strict processing laws.

Thanks for the notification - I don't have one from the ICO yet, apparently they're trying to help people comply for the May 2018 deadline but I wasn't notified at all.

Ajdin · Oct 18, 2017

Overlord said:
Jesus, GDPR is intense.

https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/

In a way, it's great that the EU is increasing the rights for individuals on data protection, but it's pretty intense and a burden on businesses. EU has went tough on compliance even on small businesses outside of EU jurisdiction, so that's one thing.

The GDPR considers an IP address to be personal data, so really, in the past it was questionable whether forums controlled personal data (if only using usernames and aliases that didn't link to a living person). With the new act's definitions, a lot more people are required to register as data controllers and adhere to strict processing laws.

Thanks for the notification - I don't have one from the ICO yet, apparently they're trying to help people comply for the May 2018 deadline but I wasn't notified at all.

It's been a pretty heavy topic in IT for the past 6 months.

jxhdvn · Oct 19, 2017

Unlike others, I actually care about my security

.

SSL Certificate, please add this.

Aderm

lAkjtzAZ0

neag

wack

Khaled E.

Khaled E.

DenyCC

Leaving the scene

Theo J

Entrepreneur | IB/CS Student

lAkjtzAZ0

hiimphil

hi - im phil

Ajdin

I used to be a big deal on here but now irrelevant

Aderm

hiimphil

hi - im phil

Aidan

aidanpr.com | System Admin

nanocode

Overlord

Ajdin

I used to be a big deal on here but now irrelevant

jxhdvn

The Visionary