This week I'm hoping to complete a critical component of the Charitocracy web site: donor signup & billing. The goal is to make it super quick and convenient for a new donor visiting the site to sign up and commence annual credit card donations of $13/year (or more if desired). Super quick, convenient, and secure!
Toward that goal, the main accomplishment I want to highlight has been adoption of secure communications (HTTPS protocol) for charitocracy.org at no cost to us. I'm running this blog on a hosted server without any extra security, but the main charitocracy domain, aka my 2009 Mac Mini sitting here on my desk, is now running HTTP over TLS with a certificate signed by Let's Encrypt.
Usually this is roughly a $100/year expenditure. You pay a 3rd-party company to check that you control the domain of interest, and they generate you a TLS (successor to SSL if you've heard of that) security certificate which you install on your server. If configured correctly, all data transmitted between your web site and your visitors will be encrypted so bad guys snooping the network traffic only see gibberish, whether it be credit card details or other private information. You'll know it's working because there will be a little padlock symbol next to the domain name at the top of your browser.
The beauty of Let's Encrypt, a relatively new non-profit organization themselves, is that they're helping make the web more secure by encouraging and empowering everyone with a website to self-prove their domain ownership and generate their own certificates all for free using a tool they've created and maintain. I secured charitocracy.org and saved Charitocracy a hundred bucks a year all while binge-watching Making a Murderer from the comfort of my living room couch. Feel free to hop over to charitocracy.org to admire our padlock. Thanks, Let's Encrypt!