General discussion of OpenCATS

Moderators: RussH, cptr13

Forum rules: Just remember to play nicely once you walk through the door. You can disagree with us, or any other commenters in this forum, but keep comments directed to the topic at hand.
By jumpingbeans
#3502
I have uploaded this ATS system to Godaddy online server. I realize SSH and SSL are to encrypt data for security purposes. My questions are:
1 - Are all the data on the candidate files, attachments, everything at risk of being hacked if i dont have it?
2 - is it just the login page that is at risk?
3- should i pay for ssl certificate?
User avatar
By RussH
#3509
Hi.

SSL encrypts the browser to server communication. if this isn't encrypted, there's a risk that your traffic can be intercepted.

Typically;

- if you have your lan running on a hub(unlikely!) and someone else on that hub runs wireshark on another port to capture the traffic.
- if you have your lan running on a switch and someone else port-mirrors your traffic to capture this.
- if someone on one of the intermediate routers from you to the server runs tcpdump to capture your traffic.
- if you are connecting through a 'dodgy' insecure public wifi portal it's easy to capture your traffic.

Pretty much most of these options rely on a malicious administrator capturing your traffic. It's not trivially done by anyone.

However - if you're accessing this from home or from your office lan then whilst it's not encrypted, it's a reasonably secure environment.

Finally - if you did want to purchase a SSL certificate you would have to absorb the technical overhead of installing and configuring that yourself.

It's essential to keep these synchronized to ensur[…]

Export part in Job Order order search

Same problem as mine. Maybe you're right, I'll che[…]

The error message you're encountering indicates th[…]

Errors restoring mysqldump backup

doesnot work for me