Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Do I need an SSL certificate for a website that allows people to make donations

    Off-Topic & Non-Support Discussion
    5
    5
    2.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      brianflhome
      last edited by

      It is technically a foundation, a non profit organization website, which will allow people to make donations for the cause. Is purchasing an SSL certificate for this site a good idea?
      If i have to purchase then which one is better for such a site?

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        1. How are you taking donations?  If it's through PayPal or another external provider you probably don't have to.  If you're taking details yourself then you must use HTTPS, otherwise you're putting the financial details of these people at risk (and I'd hope people would avoid donating).  I would also strongly recommend you check the laws in your area to ensure you comply.

        2. Define "better"

        1 Reply Last reply Reply Quote 0
        • J
          jonnytabpni
          last edited by

          The type of legal entity does not matter when it comes to network security. It all boils down to:

          a) What data are you collecting, transferring, processing and storing

          and

          b) If there are any regulations (legal or private)

          I'd also like to chip in and say that even if you are using PayPal, you should still use SSL on your site if you are collecting customer details

          HTH

          1 Reply Last reply Reply Quote 0
          • D
            DaveGreen
            last edited by

            Collecting any personal data would want to be SSL secure just to reassure your visitors. Check with your hosting provider as they may include a shared SSL that you could use for free. As for taking payments, it would be easier to use paypal or google checkout as then it is their responsibility to be PCI compliant (Payment Card Industry). There are a lot of hoops to jump through to be able to take card payments on your own site, such as, Dedicated SSL cert, static IP, MVS (Managed Virtual Server) all of which can have a variable cost. Your hosting provider should be able to guide you.

            1 Reply Last reply Reply Quote 0
            • M
              MojoTojo
              last edited by

              .. man, i really suggest, just take donations via paypal and forget about all the hassles of SSL and maintain a secure payment interface, etc etc.. it's really not worth it.. i should know i have a few sites and projects that asks for donations.. including a foundation for saving a certain type of Fruit bats.. .. never had a prob w/ paypal.. and their charges are fair for all the headache they solve for me..

              and incase you didnt know, yes PAYPAL can process payments/donations from people WITH or WITHOUT paypal accounts…

              1 Reply Last reply Reply Quote 0
              • First post
                Last post