Do You Need An SSL Certificate If You Run An Online Newsletter?

19 replies
Hey Guys,

Do You Need An SSL Certificate If You Run An Online Newsletter?

I asked this question to some WordPress experts and they said an SSL certificate is necessary if you offer a newsletter online via your website where the subscribers are entering their information onto your newsletter for the subscription process and any other details they share with you at any point?

Can anyone confirm if this is true or not?

Please give reasons for your view.

Thanks
#certificate #newsletter #online #run #ssl
  • Profile picture of the author dvarmin
    You don't need it, just make sure that you mention it in the privacy policy. However, it's better if you do because the emails will be safer if submitted through an SSL website.

    Also, if you use a 3d party service (MailChimp, Aweber), the mails could be submitted directly to their servers with an encrypted connection. I think.
    {{ DiscussionBoard.errors[10485541].message }}
    • Profile picture of the author David Beroff
      Originally Posted by mustafavanancio View Post

      I asked this question to some WordPress experts and they said an SSL certificate is necessary if you offer a newsletter online via your website where the subscribers are entering their information onto your newsletter for the subscription process and any other details they share with you at any point?
      You don't say what type of information they are entering. If it's their credit cards, then sure, you need to encrypt the data. Their cat's name, not so much.

      Originally Posted by dvarmin View Post

      You don't need it, just make sure that you mention it in the privacy policy. However, it's better if you do because the emails will be safer if submitted through an SSL website.

      Also, if you use a 3d party service (MailChimp, Aweber), the mails could be submitted directly to their servers with an encrypted connection. I think.
      Um, email is not an encrypted service. It's not even authenticated; that's how spam proliferated so quickly.
      Signature
      Put MY voice on YOUR video: AwesomeAmericanAudio.com
      {{ DiscussionBoard.errors[10485549].message }}
      • Profile picture of the author mustafavanancio
        Originally Posted by David Beroff View Post

        You don't say what type of information they are entering. If it's their credit cards, then sure, you need to encrypt the data. Their cat's name, not so much.

        Um, email is not an encrypted service. It's not even authenticated; that's how spam proliferated so quickly.
        Well actually I didn't mention this earlier but the original question I asked those WordPress experts was about if I used a secure payment gateway like PayPal or similar then would I still need to use an SSL certificate. Some said yes even if the csutomer's details are not being stored on your server and some said no but upon trying to set up an Ecommerce store today using Stripe payments I discovered that the site needs to use https when accepting customer data.

        As for the newsletter info if I'm collecting standard names and email addresses do I still need to use a SSL certificate?
        {{ DiscussionBoard.errors[10485796].message }}
        • Profile picture of the author David Beroff
          Originally Posted by mustafavanancio View Post

          Well actually I didn't mention this earlier but the original question I asked those WordPress experts was about if I used a secure payment gateway like PayPal or similar then would I still need to use an SSL certificate. Some said yes even if the csutomer's details are not being stored on your server and some said no but upon trying to set up an Ecommerce store today using Stripe payments I discovered that the site needs to use https when accepting customer data.
          If payment details are being entered into your website, then yes, you absolutely need to secure them. (I must admit I'm surprised that Stripe would even let you do that.)
          Signature
          Put MY voice on YOUR video: AwesomeAmericanAudio.com
          {{ DiscussionBoard.errors[10485802].message }}
        • Profile picture of the author Sid Hale
          Originally Posted by mustafavanancio View Post

          ...but the original question I asked those WordPress experts was about if I used a secure payment gateway like PayPal or similar then would I still need to use an SSL certificate.
          "Wordpress experts" ???
          What gave you the impression that a "WordPress expert" would necessarily have any knowledge at all about website security and encryption?

          Some said yes even if the csutomer's details are not being stored on your server and some said no but upon trying to set up an Ecommerce store today using Stripe payments I discovered that the site needs to use https when accepting customer data.
          Where the data is being stored is not the issue. Encryption (and an SSL certificate) are needed for the page where the sensitive information (i.e credit card number) is being entered. If the sensitive information is being collected on the payment gateway's server (i.e. the form is on a Paypal page), the gateway will be serving their URL as a secure page (i.e. https://paypal.com) and there is no need for an SSL certificate on your own site.

          If your web page collects the sensitive information, you need to serve the page as a secure page, so that the information, when entered by the customer, is sent in an encrypted form back to your server.

          As for the newsletter info if I'm collecting standard names and email addresses do I still need to use a SSL certificate?
          No
          Signature

          Sid Hale
          Coming Soon... Rapid Action Profits (Pro)

          {{ DiscussionBoard.errors[10485845].message }}
        • Profile picture of the author richardZ
          Originally Posted by mustafavanancio View Post


          As for the newsletter info if I'm collecting standard names and email addresses do I still need to use a SSL certificate?
          Any personal information which is to be filled up by users for newsletter will remain important for any user. So it is good if you also enable ssl for it. This thing you can do through basic ssl certificate too which don't cost you more and improving customer's trust for fill their personal information. Check this thread for information about to get basic ssl cert.
          {{ DiscussionBoard.errors[10734061].message }}
      • Profile picture of the author AlmaSanborn
        Originally Posted by David Beroff View Post

        You don't say what type of information they are entering. If it's their credit cards, then sure, you need to encrypt the data. Their cat's name, not so much.



        Um, email is not an encrypted service. It's not even authenticated; that's how spam proliferated so quickly.
        I really agree with you, SSL certificate is needed when we are providing the information like credit card number and other details which are given for transaction. The SSL certificate also provides authentication, it means that your are securely sending information to the right server not to any hacker or criminal. So it's up to you if your newsletter subscription is paid then you definitely needs SSL certificate otherwise no need for it.
        Signature

        W3Era - SEO Services Agency you Rely on

        {{ DiscussionBoard.errors[10750849].message }}
  • Profile picture of the author johnlagoudakis
    Need an SSL certificate to capture lead information.... no.

    Reason... ummmm... can't give you a good one lol

    The reasons given above are pretty good though
    Signature
    Need help getting more leads and sales? *** Click here to work with me ***
    {{ DiscussionBoard.errors[10485844].message }}
  • Profile picture of the author ChrisBa
    Originally Posted by mustafavanancio View Post

    Hey Guys,

    Do You Need An SSL Certificate If You Run An Online Newsletter?

    I asked this question to some WordPress experts and they said an SSL certificate is necessary if you offer a newsletter online via your website where the subscribers are entering their information onto your newsletter for the subscription process and any other details they share with you at any point?

    Can anyone confirm if this is true or not?

    Please give reasons for your view.

    Thanks
    No, you do not NEED it.. but this should be indicated in your TOS/Privacy Policy..
    {{ DiscussionBoard.errors[10485874].message }}
  • Profile picture of the author Marvin Lex
    There is no "need" for having a SSL certificate for a newsletter form. The question is rather if it makes sense. And I find that depends on what type of data you collect from your subscribers. Only their name and email address? Or also their physical address and bank account? What SSL basically does is to encrypt the data the user sends over the internet. So when there is a bad guy nearby sniffing your wifi connection , for example, he won't see the data you submit on the website in clear text.
    {{ DiscussionBoard.errors[10485892].message }}
  • Profile picture of the author Randall Magwood
    You don't need SSL for gathering leads. People display it on their sites to boost customer confidence when ordering securely. But for a free lead?... you don't need it. When it comes down to entering credit card or other sensitive information.... it's in your best interest to secure the payment page, and every page after the order is done. And SSL can do just that.

    Why would you need SSL for a person who puts this into your opt-in form:

    NAME: simpsonhillarybart
    EMAIL: eathomersshortsandminetoo @bbwbigbuttfart.com
    Signature

    {{ DiscussionBoard.errors[10486186].message }}
  • Profile picture of the author mustafavanancio
    Thanks for the responses guys. I appreciate your input.

    I was just trying to get a second opinion.

    I think the WordPress guys that I asked were trying to play it safe by recommending an SSL for everything. These guys deal with corporates so that would explain why.

    Btw the reason I asked the WordPress experts is because their skill-set often includes other things like security and encryption.
    {{ DiscussionBoard.errors[10486344].message }}
  • Profile picture of the author kevinmitnick
    SSL certificate is a security protocol to secure user’s information which is transmitted between client's web server and user's web browsers.

    So the answer of your question is very simple, if you collect & store user's sensitive information such as user names, passwords, email address, content number, physical address etc. then you must be installed Domain Validation or Basic SSL certificate on your website otherwise you don't need an SSL certificate. These types of SSL Certificates cost are much less than your hosting packages and you can get easily from any SSL certificate providers/resellers.
    {{ DiscussionBoard.errors[10728108].message }}
  • Profile picture of the author shreejay89
    Yes, SSL is an important because the data transmitted over the internet is passed through one computer to another computer. In between web browser and server, any anonymous user might be seen private information like your login details, credit card information, online banking transactions etc. if it is not encrypted with an SSL certificate.

    The role of SSL creates an encrypted link and data can be passed through that links are safe. It can’t be breakable to anyone.

    Why SSL is necessary for website?

    • An SSL Encrypts the Data/Information
    • It necessary for Payments
    • It raises business profits as well brand power
    • It Builds the customer trust & confidence
    • SSL improves website SEO rank in Google
    • It secures your brand and users from phishing scams & attacks
    {{ DiscussionBoard.errors[10747588].message }}
    • Profile picture of the author SteveJohnson
      Originally Posted by shreejay89 View Post

      Yes, SSL is an important because the data transmitted over the internet is passed through one computer to another computer. In between web browser and server, any anonymous user might be seen private information like your login details, credit card information, online banking transactions etc. if it is not encrypted with an SSL certificate.

      The role of SSL creates an encrypted link and data can be passed through that links are safe. It can't be breakable to anyone.

      Why SSL is necessary for website?

      • An SSL Encrypts the Data/Information
      • It necessary for Payments
      • It raises business profits as well brand power
      • It Builds the customer trust & confidence
      • SSL improves website SEO rank in Google
      • It secures your brand and users from phishing scams & attacks
      Jesus, where did you copy/paste THAT shite from??
      Signature

      The 2nd Amendment, 1789 - The Original Homeland Security.

      Gun control means never having to say, "I missed you."

      {{ DiscussionBoard.errors[10750592].message }}
  • Profile picture of the author Edwin Torres
    I've been sending out emails to my list for a while and have never had an issue with SSL.
    {{ DiscussionBoard.errors[10748397].message }}
  • Profile picture of the author ronnierokk
    Nope! you don't need SSL it's an option. However I have heard that if you site is SSL secured, Google will rank you higher than a non SSL site.
    {{ DiscussionBoard.errors[10750263].message }}
  • Profile picture of the author maxsi
    Agree => you don't need SSL it's an option

    just search some blogs and they don't have SSL ;-)
    {{ DiscussionBoard.errors[10750811].message }}
  • Profile picture of the author Subod
    There is no need for SSL certificate for online Newsletter. Without SSL you can go for Newsletter.
    {{ DiscussionBoard.errors[10750875].message }}

Trending Topics