Jon | 30 Jan 2017
In the past, SSL certificates have been primarily used to secure the transmission of sensitive information on the web, such as credit card information and sensitive personal details. We now recommend to all of our clients that they should have an SSL certificate for their website – this article explains why.
What does SSL stand for?
SSL stands for Secure Sockets Layer – it creates a secure connection between your web browser and a web site by encrypting data as it is sent between the client (the computer of the visitor using the website) and the server that the website is hosted.
How can I tell if my website has an SSL certificate?
When a certificate is installed and configured correctly, a padlock icon will be displayed in the web browser address bar. The website address should also start with https instead of http:
Benefits of HTTPS
There are a variety of different reasons why you should get an SSL certificate and go HTTPS; here are the main ones:
As already mentioned, SSL keeps all the data sent between client and server secure by encrypting it. It’s a good feeling knowing something is safe and secure, so why wouldn’t you want this for your website? You may not think that your website is likely to transmit any sensitive information, but what about the details you use when you login to your website?
Improved Site Speed
Websites that are delivered over SSL can utilise the new HTTP/2 protocol, which greatly improves the loading speed of a website without the website developer needing to spend time making optimisations to the code/assets.
Search Engine Rankings
Google want to promote websites seen as being secure in their search results – as a result, having an HTTPS website may give you a slight ranking boost.
The padlock will be seen by visitors to your website as a trust symbol, giving them confidence that your website/organisation is legitimate. Not only that, but Google have stated they plan to label all HTTP pages as non-secure in Chrome eventually. This will mean that in future, anyone using Chrome to browse your website will see a warning about your site being insecure.
Unfortunately it’s not all sunshine and roses in HTTPS-land. There are a few negatives that need to be factored in when switching your site:
Short-term drop in Search Engine Rankings
Switching protocol from HTTP to HTTPS without putting any 301 redirects in place can put your search engine rankings in danger. Be sure to ask your web developer to implement 301 redirects so all non-HTTPS traffic gets redirected to HTTPS correctly.
Cost of set-up
If your website is built in WordPress, you will need to ask your web developer to update all the page URLs in the database to begin with HTTPS, and ensure that all externally-loaded scripts are called over HTTPS instead of HTTP in order to avoid ‘partially encrypted page’ warnings in the user’s browser. There will likely be a charge from the web developer to make these changes.
Ongoing cost of SSL certificate
Not really a biggie, but your hosting provider will most likely charge an annual fee for providing you with an SSL certificate. This is changing, however, as some hosting providers now allow you to install a free certificate from a provider such as LetsEncrypt.
Need help going HTTPS?
If you need any help making your website secure or dealing with the SEO consequences, Contact us today and we can discuss your options.