You’ve probably heard talk of SSL and website security in the past few months, and you may have noticed your web host or other marketers trying to push you to purchase an SSL certificate. This isn’t just a marketing scam – it’s essential to the future of your online presence.
We’ve been working to implement SSL on all our clients’ sites and are currently recommending it with any new website design package. Here’s why.
Google is now encouraging ALL sites to use SSL, and you’ll notice the impact in terms of real traffic and real dollars if you don’t follow suit. The added security it brings to your site and assurance of your users’ privacy are both bonuses as well!
In the past, an SSL certificate was only required when processing financial data. Later is was recommended for any site where someone could enter a password. Now it’s expected for every legitimate site on the web.
What is SSL?
SSL stands for Secure Sockets Layer. This is a security protocol that encrypts any data traveling to or from your website. SSL helps prevent hackers from ‘listening’ while data is transmitted – whether it’s your webmaster logging into your WordPress dashboard or a user submitting a contact form.
How do users know if my site uses SSL or not?
Pages with SSL begin with https:// instead of http://. Most browsers will also have additional signals. On Firefox, for example, you will see a green padlock icon on secure sites:
Chrome shows a smaller padlock and the word, “secure.”
Internet Explorer puts their padlock icon over on the right side of the address bar.
What if a site doesn’t have SSL?
Both Chrome and Firefox browsers show the little ‘info’ icon if your site is not secure.
If someone clicks on it, they’ll be shown a ‘not secure’ message.
Most users won’t actually click the info icon above, but as soon as they start typing in an input field of any form on your site, the ‘not secure’ message opens up in the browser bar in place of the icon.
Previously this warning was only shown when entering a credit card or password, but since October 2017, Chrome has been showing the warning when a user begins typing in any input field.
Google will start making the notifications more prominent later this year. They have also indicated that non-secure websites may not be ranked as highly in Search.
Google stated that they will continue to extend HTTP warnings in future releases, and will at some point move to more noticeable red-colored ‘not-secure’ labeling.
Eventually, we plan to label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS.
– Emily Schechter, Chrome Security Team
How do get SSL for my website?
In order to implement SSL, you will need to purchase an SSL certificate (usually through your web host), and you may also need to upgrade your hosting account to include a dedicated IP address. In order to issue the certificate, your identity will be authenticated. Once you have digitally received the signed certificate, it will need to be installed on your server. Finally, modifications to your website are made to make sure all links utilize the secure address beginning with https:// instead of http://.
Your web host may be able to help you install your security certificate, but your webmaster will usually be the one to modify your site links accordingly. If you need assistance implementing SSL on your website, please feel free to contact us.