This article is all about showing business owners like you that it’s very much worthwhile having a SSL certificate for your website, so that your website works over HTTPS rather than HTTP. Fundamentally it’s all about security, but as you’ll see, there are other tangible benefits to your business too.
- 1 A quick word on jargon
- 2 How SSL certificates are added to a website…
- 3 Reason 1 – You are protecting the privacy of your visitors
- 4 Reason 2 – The Chrome Browser highlights non-HTTPs websites as ‘Not secure’
- 5 Reason 3 – Google use HTTPS as a positive ranking signal
- 6 Reason 4 – you can take advantage of brand new speed-enhancing technologies
- 7 Back to enabling SSL on your website…
- 8 Want some help?
A quick word on jargon
It’s easy to confuse the terms SSL and HTTPS, so let’s solve that right now and get them explained.
SSL – this acronym stands for Secure Sockets Layer. It’s a name that describes the technology involved in encrypting information sent between your website and your customers’s web browser. The information sent to and from your customer’s web browser is encrypted to make it much more difficult for would-be ‘hackers’ from grabbing that information and doing something with it.
SSL Certificate – this is something you purchase or generate that is unique to your website. It’s a special ‘key’ that allows data to be encrypted between your website and your customer’s browser. Only your website is able to read the data encrypted with your SSL certificate, no other website can read the data that’s been encrypted with your SSL certificate. This is where the security comes from.
HTTP – this stands for Hypertext Transfer Protocol. This is the technology that allows your website’s server to send images and text via the internet to your customer’s web browser.
HTTPS – this Hypertext Transfer Protocol Secure – and extends HTTP in such a way to use the SSL ‘black box’ for encryption.
Essentially HTTP and HTTPS are the couriers of data over the internet, and SSL is a locked black box where data is encrypted and secured.
How SSL certificates are added to a website…
Most websites are set up as HTTP (unencrypted), as it’s the most basic service available on a web server. You can upgrade your website to HTTPS (encrypted) by purchasing a SSL certificate, and then to have it installed on your website or server. The installation is usually done by your web hosting company, as it requires some technical server changes that only they’re able to do.
There’s an annual fee for the SSL certificate, and then often there’s an installation fee from the hosting company. The fees you pay here are on top of your usual web hosting, which is why most business owners opt for the free option of just having HTTP rather than HTTPS.
In the last couple of years, a service has popped up called Let’s Encrypt. This service allows you to generate your own SSL certificate for free. Many web hosting companies now support this technology, meaning you can easily add SSL to your website with no additional fees. There are advantages to paying for an SSL certificate rather than using the free Let’s Encrypt version, but I’ll cover that later.
Let’s get on to the reasons why businesses really should have SSL support on their website…
Reason 1 – You are protecting the privacy of your visitors
Fundamentally, HTTPS protects data sent between your visitor’s web browser and your website by using encryption.
With cybercrime growing all the time, using HTTPS makes it dramatically more difficult for would-be attachers to snoop or steal data from your visitors.
Reason 2 – The Chrome Browser highlights non-HTTPs websites as ‘Not secure’
This change to the Chrome web browser has been on the cards for a while, and is due to be live in July 2018 (reference). Essentially this becomes a ‘name and shame’ label for websites that haven’t yet set up a SSL certificate fo their website. That means that your prospects and website visitors are going to visit your website and see the ‘Not secure‘ status in the URL bar (if they’re using the Chrome web browser). Other web browsers (such as Firefox, Safari) will follow suit if they’ve not already done so, therefore it’s not just for visitors using the Chrome web browser.
For a business website, this doesn’t look very professional to have your website labelled as ‘Not secure’. That particular phrase doesn’t really inspire much confidence either does it? This is why we encourage all business owners to enable SSL on their websites.
Reason 3 – Google use HTTPS as a positive ranking signal
Google have been using HTTPS as a ‘very lightweight ranking signal’ for a while now. You get a tiny boost of improved ranking in search results compared to websites that only use HTTP. As you know, improved rankings in the search results usually means more visitors. Now whilst having HTTPS alone won’t push you to the top of search results, it is something that you can control and is worth doing.
Reason 4 – you can take advantage of brand new speed-enhancing technologies
With websites growing in complexity and content as websites become richer with content, web page loading times have been increasing. Now there’s now more imagery and text to download for every web page that’s visited. There are a range of technologies (e.g. HTTP/2) being developed for web servers and web browsers that will make loading websites even faster by exporting more efficient ways of transferring data. What appears to be emerging is that these technologies are relying on HTTPS to deliver content securely.
This means you’ll automatically get website speed improvements for your website just by having HTTPS, as web hosting companies (and web browsers) are upgraded to exploit these new technologies. This means your website visitors will be able to see the content on your website more quickly than ever!
Back to enabling SSL on your website…
Let’s Encrypt is a relatively new technology that allows you to have SSL certificates for your website for free. The big different with Let’s Encrypt compared to premium (paid for) SSL certificates is that the latter certificates usually come with an insurance policy. For a premium SSL certificate, you’ll usually need to go through a verification process with your business to verify your identity.
In a nutshell, premium (paid for) SSL certificates carry more weight from an authority perspective, and might be something you use for an ecommerce website. For a brochure website that you’re using to collect leads (e.g. for lead magnets, lead web forms) and blogging from, a simple Let’s Encrypt SSL certificate is perfect for your needs.
Want some help?
If you’d like help setting up an SSL certificate on your WordPress website, please get in touch.