Adding privacy to our web site

Here’s a poll to help decision-making. You can only vote once, and the poll will close in one week, on 22nd March at 11:59 pm.

Continue reading for the background
Following on from the nasty hacking experience towards the end of last year, some members wondered aloud about adding a login feature to our site, whereby access to either the entire site or to individual pages would be restricted and would require registration and subsequent login using username and password. The group reaction was mixed, and I undertook to investigate options and report back, which I’m now doing.

First, let me stress that registration and login would do nothing to protect us from another hacking attack: it would add a privacy layer to the site, but do nothing to improve security. That said, my instinctive reaction to the idea was that this could be done quite easily if the members so desire — but…

The ‘but’ is a technical one. As you know, the re-design which I introduced in December is still not fully implemented. This is because the web-design software I used does not support what are known as ‘dynamic’ web pages. This is why the Presentations page brings visitors back to the old site, which I hard-coded and which is hosted on a server which supports database querying and retrieval. Databases are at the heart of dynamic web pages, but the re-design software doesn’t support them. A registration and login implementation also depends on using the same web techniques, so cannot be developed with the re-design software.

I am fully aware of the need to apply the re-design across the entire web site, and am currently familiarising myself with more sophisticated software which will enable me to generate dynamic content such as the Presentations page. When I master the necessary techniques, I could then also apply them to a registration/login system. What would then remain would be the integration of elements from both software instances into a single site.

In summary, yes, we can add registration/login, but it will be a while before that could be up and running. More fundamental, though, is the question of whether or not the group wishes to go down this road. Dermot came up with an answer to one aspect which concerned me, which was that contributing to our weblog (even to leave a comment) currently requires registration and login, and it would be even more off-putting if visitors had to login once to enter the site and then again to interact with the weblog. Dermot’s compromise suggestion, which is to eliminate registration/login for the weblog, solves this neatly. So that leaves the fundamental question: do we want to go down this road?

Leave a Reply