You’re thinking: I’ve got a website. But now I need to make sure it is secure. How can I show visitors I’m serious? I need SSL on my website.
What does SSL mean?
SSL stands for Secure Sockets Layer. It is a technology that establishes an encrypted link between the user’s browser and the website he is visiting. You might also hear HTTPS (HTTP over Transport Layer Security), which is a communications protocol. The “S” means that it is secure – encrypted by either Transport Layer Security or Secure Sockets Layer. It is a guarantee for your website visitors that you are making every effort to keep their information private by encrypting communications between their computer and your website. This prevents third parties from eavesdropping on any of the information shared between the website visitor and the website. Read more about what an SSL certificate is here.
Why do I need SSL on my website?
- You have an e-commerce website.
SSL is required if you intend to make your website PCI compliant, which is essential if you are taking any type of payments directly on your website rather than through a third-party processor. Even if you are not taking payments directly, but you are running a website with any type of e-commerce, an SSL certificate is an extra guarantee to your visitors that you take their security seriously, and you don’t want ANY of their personal information falling into the wrong hands.
- You have any webforms.
Even without e-commerce, if you have users log in to your website or submit any kind of form on your website, you should seriously consider an SSL certificate. It’s one extra way to keep your users’ information safe, and is proof to your users that keeping their information safe is important to you.
- Browsers are pushing it.
Google started warning website owners of “non-secure password collection” back in January. Chrome also notes “not secure” next to any website not using the SSL protocol.You can see that this:
will encourage your clients to trust you much more than this:
Firefox joined the club in March and now warns users any time they enter information on a form that is not on a page using SSL.
You want your users to see that your site is secure if they are entering important information like their email address or their password.
- It counts in Google’s rankings.
Besides the impression of security and seriousness that SSL/HTTPS gives, it’s also important to note that Google now considers HTTPS a ranking signal. That is, if your website doesn’t use SSL, it may rank slightly lower in search results than a similar site that does use SSL.
- Website speed.
Another advantage of SSL is that if your host offers HTTP2, which is a faster protocol than HTTP, you’ll only be able to take advantage of that if your website uses SSL. I think we can all agree that site speed is of the essence if you want to keep visitors on your website.
Is SSL the be-all, end-all of website security?
Well, no. There is no magic bullet. Website security is layered for a reason. Seeing a padlock or https:// in a site URL shows that the website uses SSL, but it is still important that users remain vigilant. Users need to verify the domain name they are visiting, and be sure the certificate matches the apparent domain name.
Nonetheless, obtaining and installing an SSL certificate is one essential step in proving to your website visitors that you take their security seriously.
How do I set up SSL on my website?
It’s easiest to purchase an SSL certificate, usually renewable on a yearly basis, from your web hosting company. Your hosting company can install the certificate, and your trusted web developer can update your website to use HTTPS.