SSL, Encryption, that little padlock in the browser’s URL field. What’s that all about? A question I’ve received a few times this year is, “Do I need an SSL certificate for my website?”
Its nearly a loaded question, and let me explain why. Firstly everybody SHOULD have an SSL certificate, even if you’re not selling something on your site. You’d be better to have the protection that an SSL certificate can provide yourself and your visitors.
Lets take a short break and go over the most critical question I get as a follow up to the first, “should I get one” and that is simply, “What is an SSL certificate?”
SSL, or Secure Sockets Layer is all sorts of technical and cryptographic… STUFF… that you or I really don’t need to go into in this article. What we will focus on is what it is/does for you and your site. In a nutshell SSL is similar to getting something notarized. You’re saying, through a vetted third party, you are who you say you are.
By purchasing an SSL and having it configured for your domain (because that is how an SSL certificate is keyed) you’re proving through a few simple steps that you, 1, Own the domain listed in the certificate, 2 Have verified that you’re the registered party for that domain, and 3) are saying you’re maintaining the site that is hosting/serving that certificate to the public for consumption.
What this means for your sites is that when you install an SSL certificate your Hosting provider will then begin to encrypt the information from your website as it is being sent to your visitors. They won’t see any of that happen, its all in the computers talking to each other behind the scenes. All you need to know is that your visitors will start seeing that little padlock in the browser bar and know that their information is being secured by the SSL.
This does two things, first it builds a rapport with your customers/visitors that you’re caring about their visiting your site by encrypting the traffic to and from your site. This prevents man-in-the-middle type attacks where somebody could attempt to intercept data from your site and collect personal data like emails, or passwords. Second this also allows you to begin accepting payments for goods and services right on your site. Ever wanted to process payments directly on your webpages without leaving the page to go authorize with PayPal? SSL and a payment processor like Authorize.net or many others can use your SSL to keep visitors on your pages. Its a win-win!
Additionally SSL will do other things passively in the background. More than just preventing 3rd parties form accessing the data, it will also boost SEO and Page Ranking on your site. Search engines like Google have come forward expressly saying that they will be prioritizing search results from known secured sites. This way, especially in an overlapping market, if you’re an SSL protected site and your competition or peers aren’t, you’re going to be showing on the google search results more prominently than those that aren’t secured.
It doesn’t take much to get an SSL certificate, just a few dollars per month (typically billed annually) and you purchase them wherever you’ve registered your domains/setup hosting. In some cases your hosting/registrar may even provide a free SSL to protect any sites you have registered/hosted with them. BlueHost in particular does this and makes setup a snap.
So, should you be getting an SSL certificate? YES. Is it required? No, but again, you’d be silly to not get one at this point, especially if your hosting provide gives you one for free. Will it change my life? Well, that’s for you to discover after we help you configure it. Average configuration from Projects Made Simple LLC. can take as little as 30 minutes, but can take up to 2 hours spread across a few days while waiting on hosting plans to update their configuration files. Additional costs may apply for users that have more than one domain to protect, but again, most of the time a single SSL certificate is all you need for your main website.
†You do NOT need to purchase an SSL certificate for any domain that you’re forwarding to another domain/site. Only the main/target site should be the one you purchase a certificate for.
††You do NOT need to purchase SSL to encrypt your email traffic on your hosting plan! Your email provider has an SSL certificate setup on their end for Email and Cpanel access. This is why you may sometimes see a padlock on your browser if you’re using webmail or accessing your hosting dashboard! Neat!!
If you’re interested in learning more about this topic but aren’t sure where to begin- reach out to us! Projects Made Simple, LLC is here to help you succeed.