Hi Eagle
I do not see the need for HTTPS (SSL) as the Forum is open to the public anyway
we are not hiding anything with regards information, so no point encrypting it as such.
When you use normal HTTP for browsing the internet, you are sending and receiving back and forth from your computer in what we call Plain Text. This means that a hacker if they really wanted too could sit there and monitor the traffic from your computer to the web server and if clever enough could see the information.
When using HTTPS each bit of information sent back and forth is encrypted and this would stop the hacker seeing anything.
The problem using HTTPS is that it is so SLOWwwww and also the Server you are attaching too needs to install what we call a Certificate to prove that it is who says it is.
We have not installed any SSL certificates on ProjectAvalon and so if you try to use HTTPS you will get security warning boxes appear everytime you click on a link, this is a right pain
Now the main worry people have with using Forums and not using HTTPS is that their Passwords could be transmitted in Plain Text, which would not be good. Alot of Cheap/Free Forums do this and hence why they get hacked alot.
Vbulletin even when using HTTP still encrypts the Password when sending it to the server and this is one of the reasons I chose it.
So if a bored hacker wanted to see what Forum information was being sent back and forth, then he could by monitoring the traffic, but he would not be able to De-Chiper the Password.
So no point in him really doing this as he can just come to the forums as a guest and see all the posts anyway
Hope this makes sense.
Cheers
GateKeeper