leoetlino
commented
8 years ago Let's Encrypt is a free and has open-source clients if you don't want to go through CloudFlare.
Open leoetlino opened 10 years ago
leoetlino
commented
8 years ago Let's Encrypt is a free and has open-source clients if you don't want to go through CloudFlare.
Since users will actually log in/sign up and hence enter sensitive data (email addresses, passwords), it would be good to protect the connection to the server using TLS.
Currently, connections to the website are not encrypted at all, meaning that everyone on the Internet can eavesdrop on the connection and get all of the sensitive data.
Hopefully, setting up TLS (called SSL before) is not hard anymore! CloudFlare provides free SSL certificates.
Please, consider adding TLS support to your website! I see your website is already much more modern than other BOINC projects, so please make connections to your website secure!