Want to make your website secure but not really sure how to go about it? This blog will help you answer some of your questions regarding your websites security.
Why do I need a SSL certificate?
Typically, information sent between a browser and a web server is sent as plain text, which can leave you vulnerable to hackers. SSL certificates utilise a public and a private key, which work together to establish an encrypted connection.
This certificate does a couple of things.
One, it enables your site to communicate with users using encrypted, non-corruptible data.
Two, the certificate also acts as a stamp of approval from a trusted party that says your site is legitimate and secure to use.
Three, HTTPS sites also load faster. In a test on HTTP vs HTTPS.com, the unsecure version of the page loads slower than HTTPS – try the test on your own device and see it for yourself. Fast loading time is also discussed here as part of upgrading your website blog.
Back in 2014, Google tried to persuade webmasters to make the switch to HTTPS and made the secure protocol a stronger ranking signal as motivation. Google flat-out said they would start giving preference to sites with an SSL. Since that time, encrypted sites have earned a boost in rankings over their unsecured counterparts.
What is a SSL certificate?
Let’s start with the basics, SSL stands for Secure Sockets Layer, this is a security method which allows data to be transferred over a server securely. SSL certificates help to protect the transfer of private information such as payment or bank details, usernames, passwords and more. A website is secure if the URL begins with HTTPS, and it is important to note that it will also display that it is secure.
An SSL Certificate contains the company’s domain name, company name, company address, and the country of origin, for the website. It also contains the expiration date of the Certificate and the name of the Certification Authority responsible for issuing the Certificate. The certificate also includes the public key of the server which is used for the encryption of data. It is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private.
What is HTTPS?
HTTP (Hypertext Transfer Protocol) and HTTPS (Hypertext Transfer Protocol Secure) are protocols, or languages, for passing information between web servers and clients. All you need to know is that HTTPS is a secure connection, whereas HTTP is unsecure. With a standard HTTP unsecure connection, it is possible for unauthorized parties to observe the conversation between your device and the site.
So, what will happen if I don’t have one?
Historically, Google Chrome has not explicitly labelled HTTP connections as non-secure. Beginning in January 2017, they began marking HTTP pages that collect passwords or credit card details as non-secure, as part of a long-term plan to mark all HTTP sites as non-secure. Recent figures from Google now indicate that over 50% of all websites are now secure.
Google has stated in their blog that in future releases, they will continue to extend HTTP warnings, for example, by labeling HTTP pages as “not secure” in Incognito mode. Eventually, they will label all HTTP pages as non-secure, and change the HTTP security indicator to the red triangle that we use for broken HTTPS. As shown here:
Your SSL cert will need to be updated yearly to avoid things like this happening:
OK, so how do I get a SSL certificate?
With prices starting from €100, contact our team at Dmac media and we will be happy to assist you in setting up your SSL certificate and leading you on your way to secure happy browsing.