Edited to add:
The GDPR recommends encryption but does not require it – it expects you to decide for yourself based on the level of risk. You can be GDPR compliant without an SSL certificate if the data you deal with is low risk. I cannot decide that for you.
However, later this year the major browsers like Chrome are probably going to be highlighting when a website isn’t using an SSL certificate. The way things are at the moment, only a paid certificate would cover this on Fan St. I’m hoping to support free SSL in future but right now my provider is refusing. If you want free SSL now, you’d need to host with a different company, but you don’t need to do it before May 25th so don’t panic.
I am still in discussion with my provider but options for SSL certificates are very limited.
- Fan St. can offer private SSL certificates at a price of approx £25/year per site.
- Fan St. cannot support 3rd party SSL certificates such as Let’s Encrypt or the other free offerings. This is due to the type of platform Fan St. runs on.
- There is a shared SSL certificate for those who don’t want to pay for SSL however if you were only considering SSL for Google SEO then this won’t do that for you because it’s on a different domain. Instructions are at the bottom of this post. This method would cover you for GDPR but won’t cover you for when the browsers change later this year to highlight missing SSL.
As a fansite owner myself, this is not what I want to offer but it is, unfortunately, all I can offer here at the moment. If SSL certificates are important to you, then you would need to look at other hosting options such as FansCity.
How do I access the shared secure server available for my account?
Your account comes with access to our secure web server which you can use to accept data securely on your website. To use it, link to the following URL whenever you need to securely load a page:
Where [server-name] is the server your account is on, and [your-domain] is your domain name.
You can find which server you are on by going to your Control Panel and looking at ‘Web Server’ under ‘Account Info’ in the right-hand column.
So, for example, if your domain name is www.thisismydomain.com and you are on server web5, your secure server access would be:
And if you wanted your login.html page to be a secure page, you would link to:
Please remember to use https:// when linking to the secure server.