What Is SSL Certificate Encryption And Why Every Website Should Have One
Having an SSL Certificate now has more to do with the success of your website than ever before. This security feature is no longer a luxury to have installed on your site, it’s a necessity. So let’s discuss what an SSL Certificate is, what it does, and why you need to have one installed on your website or blog.
What Is An SSL?
SSL (Secure Socket Layer) certificates protect the data transferred between a web server and a browser by enabling a secure connection between the two. Basically, it means that all data transferred from a web server to a given browser is encrypted.
A little more technical explanation; when and SSL is installed on your server, it digitally binds your websites’ details with a cryptographic key, activating the https protocol and that little padlock you see in a secured sites’ browser url. This means your website now has secured connections to your users’ browsers.
So, when visiting an SSL encrypted site, you’ll notice the https (in green lettering) and the little padlock preceding the sites’ url in your browser. This means that any data that you input into forms or at checkout on the site is encrypted and secure. (If you look in your browser right now, you’ll see the padlock and green https in front of my url here.)
Google Search Ranks & Organic Traffic
A lot of people didn’t catch this in Googles’ big algorithm storm that’s been going on since the end of 2015, but Google now requires sites to have an SSL security certificate installed. Google has actually been “strongly advising” SSL certificate installation since at least 2014, when it began giving sites with an SSL a boost in search ranks. And, the Google Quality Guidelines state that a SSL certificate is “good practice”.
It’s not that Google has been penalizing you for not having this level of security, you simply get filtered down in search results beneath your competitors that have one. So, currently, if your competition is on the ball, you may find yourself falling further and further back in search ranks.
Consequently, if you get on the ball with an SSL faster than your competition, you could see your search ranks rise, maybe even beating out some of your previously higher ranked competitors! Every chance you get to get the jump on your competitors, you should take. And that’s certainly better than losing traffic, at any rate.
So again, it’s not that Google penalizes you for not having an SSL, it doesn’t have to…
Because more recently, Google has made it so that websites without SSL encryption display a little grey circle with an exclamation point next to the sites’ url in the browser when viewed via Chrome. Click on that and you are going to see a message saying: “Your connection to the site is not secure. Do not enter sensitive information…” The message then goes on to basically tell users to either “go back” to the safety of Google search, or continue to the site at your own risk. And that is bad news. Not something you want your customers seeing when they visit your website.
Because you always want your visitors to feel secure when they visit your site, right? You want them to sit down with a cup of coffee and hang around, read your content, sign up for your newsletter, buy your products or sign up for services, and feel confident that when they use your contact form, their personal information is secure.
You want them to feel all warm and fuzzy about being there.
As if that shouldn’t have you scrambling to get an SSL right away, word has it that sometime this winter (around January), that little grey circle with an exclamation point is going to turn into a RED caution triangle with an exclamation point instead!
Now that will grab visitors’ attention right away.
It means that if you haven’t already, you will soon lose organic search traffic, at least on Google search anyway, if you don’t have an SSL installed on your site. And worse, visitors seeing this message will begin to associate that lack of security with your site, your business, your Brand.
That being said, let’s not get to giving Google too much of a bad time on this one. After all, the web is not such a safe place, for your sensitive personal and financial information, or your pc. You must be vigilant to use the internet safely. And big companies like Google were bound to pick up on this and do something about it sooner or later. And again, Google has been telling us things were headed in this direction for at least 3 years now. (Which is why I started recommending that my clients secure their sites with SSL’s back in 2014.)
So, while it may seem like a pain for businesses, the goal of this is to make your site safer for your customers. It helps keep their personal and financial information safe and secure. And this alone is a reason to get your site covered immediately, even if you just have a service site, because your savvy customers will be looking for that padlock, and green https in their browser to determine if the site is safe to shop. Even if they don’t know this (yet) if they see that exclamation point and warning instead, they are likely to just leave.
PayPal Buttons & SSL
There is talk that PayPal buttons will no longer work on websites without an SSL. In fact, PayPals’ own information states that this is the case since 2016. There is something there about “grandfathered embedded buttons”, but I wouldn’t wager on that. I’ve looked into this a bit and found people saying their buttons don’t work on their non-secured sites. And they also report that PayPal support told them they needed an SSL for their buttons to work. But even if this is not a problem yet, I would not be a bit surprised if it happened sometime in the near future.
For those who sell items using embedded PayPal buttons, this would be a huge issue. Even IPN integrated sites may be effected. I’m not sure about that. And I don’t figure it is worth looking up either, because let’s face it, with Google now insisting on having an SSL secured site, it’s a dead-given that other search engines soon will too.
These types of things generally don’t go away, they only get more prevalent. Most especially, financial companies like PayPal are likely to follow along soon, if they haven’t already. So, I just recommend protecting your site with an SSL right now. Why wait until it causes you and your business problems?
Okay, I’m done freaking you out now. Sorry, but I had to give you that information in order to make sure that you are fully informed, and taking this seriously. Not my favorite part of the job here, but necessary just the same.
Now let’s make you feel warm and fuzzy about your website again…
How To Get An SSL For Your Website
Not to worry. You know I always have a solution for you. SSL’s used to be rather expensive, but fortunately costs have gone down significantly since all of this has gone on. You can get an SSL that covers your site for two years for around $60 vs a few years back when they cost an average of $130-$180 per year.
Your web host should be able to install an SSL for you, so check with them before you go elsewhere. (And if they won’t install one for you, I would probably recommend changing hosts.) In fact, most good web hosts are now including a free SSL with their new hosting packages for a year or two. So ask your host if they offer this.
Make sure that no matter where you get your SSL that it’s provided by a trusted company. There are cheap, low quality SSL’s to be had. So be sure to go with a good one like Comodo or Geotrust.
Important SSL Information To Know
Once your host installs your SSL on your server, you are likely to need to finish up on the front end, unless you want to pay someone to do it for you. And since that can run you anywhere from $50 – $180, you may want to just take care of that yourself if you can.
If you have a WordPress site this is no problem in most cases. All you need to do is install a plugin that does most of the work for you. Go to your dashboard>plugins and click “add new” in the top left-hand corner of the plugin panel. In the search box type in “SSL” or “https”. You’ll see several plugins that will help you finish your SSL installation on the front end of your site, by forcing your pages over the secure https connection.
Just make sure the plugin you choose is kept up to date, and well supported by the developer. And be sure to find one that is well documented, with easy to follow instructions on how to set it up. With a good https plugin, there isn’t much to do, the plugin does most of the work for you.
Now, please note that all WP installations are different, and this plugin method can be problematic. Sometimes this method just doesn’t work. In which case, you may need the help of a developer, or your host, to set things up for you.
However, most of the time the simple plugin method works, and you will have no trouble.
Quick Note: I’ll be helping my Silver Members with this SSL topic very soon, with a video tutorial on how to install and setup my top recommended SSL plugin. I’ll also be sharing my recommended hosting solution that provides and installs a free SSL for the first 2 years with each of their hosting packages!
This information and video instruction will be available along with an entire professional WordPress setup video Workshop for my Silver Members in the Silver Member Suite on Web Genesis Nation when it opens this fall. So if you need or want help building your WordPress site, be sure to Join Me!
And moving on…
A Few Last Important Things To Note
Once you have installed your plugin you will need to go to your WP dashboard>settings>general and set your WordPress Address (URL) and Site Address (URL) to include “https” instead of “http”. Save the settings, then you will need to log back into your site over the secure connection.
You will also notice a new section in the right sidebar of your page and post editor pane with the option to secure your page with SSL. You may need to go through and tick that box on your pages and posts, then re-publish to secure them. Sometimes you don’t. So, if you set up the plugin and the SSL isn’t working, try that before you start pulling out your hair!
Once you are all set, be sure to embed your SSL certificate logo or “check this” image link in the footer of your site to let your visitors know they are protected. They will appreciate the reassurance.
Of course, if you created your website with Shopify, Wix or something of the like, this is taken care of for you automatically. You won’t have to worry about the SSL issue because you will already have one, at no extra charge.
But if you have a Shopify store integrated with your WordPress site for eCommerce, you’ll still want to secure your WP site with an SSL.
I hope this helps you to better understand why you need to have an SSL for your site, and how to get an SSL for your website or blog. Because I know it may seem like a big scary deal at first, but it’s really not. And aside from the detriments of not having one, having SSL encryption on your site has big benefits that are only likely to get bigger. Your search ranks will be better protected, your site will be better protected, and your customers and visitors will feel safer knowing that they are protected.
This of course helps create trust in your business among your visitors, something that is virtually priceless.
What Is SSL Certificate Encryption And Why Every Website Should Have One