I'll second this. This book hits upon most common security vectors. It's amazing how few developers know what CSRF is and how to defend against it even now. If you're not ready to invest money yet, check out the OWASP Top 10 and make sure you know how to defend against them in your preferred language/framework.
$:openssl s_client -connect localhost:443
CONNECTED(00000003)
...snip....
lots of cert info
...snip...
GET / HTTP/1.0