The reason I am asking is that lately a couple of people have said that they haven't joined the forum because of the connection not being secure.

Is it a security certificate ensuring the site is secure? Is it worth getting or is there a cost involved?

Question for all the IT minded people out there.

https is a secure connection which you would use when using credit cards for buying stuff online. it creates a two way secure connection between the server and the users browser.

Since this site doesnt use any of that and i dont have 3rd party ads or anything like that i have never bothered to even look at changing over to https. And for the extra monthly costs involved at my end i do not feel like this site needs it.

But i could have another look at it if there were genuine concerns from the current users.

A guy said his laptop won't let him connect due to that, but he uses it for work and his settings are doing that. I know my work pc always comes up with the alert that it's not secure, but I've never worried about it.

What does it cost per month?

https does require a certificate for both verifying the site for the initial connection and encrypting all the information sent between the device the user has and the web server hosting the sight.  In general,  the  certificate has  to be generated\created by a recognized certificate authority (CA) and usually there are costs involved.  While there are a few free public CAs these certificates are only valid for a relatively short period of time -  usually less than 3 months before they need to be renewed.   In most cases you can set up an automated process to renew the certificate before it expires.  However this would require a  level of access to the backend system the forum is running on that I suspect you don't have.

Most "modern" web browsers warn if the site is not using https which can put people off using the site but I believe you need to look at the big picture.    In order to "see" the data going between your device and the web server someone has to be able to get in between your device and the web server.  

If you are having coffee  in a café  and using their free wifi it is trivial for someone else to set up a device to capture all the data going across the café wifi.  Of course this will include everyone else on the wifi, not just you.   If  you are at home using your wifi is it not so easy for someone to capture your data. 

However what are they going to get from this anyway?   Other than your initial log on to the site which will include you password (you don't use the same password everywhere do you!) the only stuff they will get is the stuff that is on the site that anyone can already view as a guest user anyway - I don't see a problem with this - do you? 

For a bit more info on certificates in general and how one of the "free" public CA's work check out 

https://letsencrypt.org/how-it-works/" rel="nofollow - How It Works - Let's Encrypt

FWIW the UK  airgun forum uses Let's Encrypt for their site.

It would cost an extra $120 per year or 10 bucks a month