Perhaps, you’ve just checked your website and seen the words “Not Secure” (before your URL) in the address bar at the top of a web browser. Now you’re wondering how to fix it. You simply need to install an SSL Certificate.
A few years ago, SSL was recommended for eCommerce websites and specific pages of websites where sensitive information would be transmitted or received. In 2018, that changed.
Today, every website needs an SSL certificate.
What is an SSL certificate? An SSL is a digital file that establishes a secure connection between a web browser and a site server. It has a public key and a private key that work together to establish a secure connection with encryption.
How to Recognize a Website with an SSL Certificate
When you visit a website with an SSL certificate, the URL starts with “https://” instead of “http://“. The ‘S‘ at the end of HTTPS stands for ‘Secure’.
Understanding HTTP and HTTPS
What is HTTP? When you type a website address (URL) into your web browser (such as Google Chrome), the browser sends an HTTP request message to the server, asking it to send a copy of the website to your computer. The server response contains the web page you requested. It is sent to your computer using HTTP.
When you send information back to the website, to log in, for example, your computer also communicates with the server using HTTP. But, communications such as these are sent in ‘plain text.’ They could be read by hackers that manage to break into the connection between the browser and server.
This is where the secure version of HTTP, known as HTTPS, comes in to provide a more secure connection.
Using HTTPS, the messages sent between the server and computer are scrambled so that no one in between can read them. This keeps your information safe from hackers. They use a Secure Sockets Layer (SSL) to send the information back and forth.
Look for the Padlock Icon
You can tell if a site is protected by SSL encryption when you see a “padlock” icon and HTTPS before a page’s URL in the address bar of a web browser (such as Chrome or Firefox).
Installing SSL Certificates
- To help keep your website safe from hackers, you need to install an SSL certificate at your host. (There are different security levels you can choose from and a wide range of prices.)
- You can have a web developer or your host install it for you or try to do it yourself. It is not a simple task, though. READ: A Step-by-Step Guide to Migrate Your Site to HTTPS.
3 Levels of Trust
The three main trust levels for SSL Certificates (from highest to lowest):
- Extended Validation
- Organization Validation
- Domain Validation
- EV Certificates (EV) include the most company data. Companies must meet the highest, most stringent requirements to receive this type of certificate.
- OV Certificates (OV) also include business authentication. Information about a company is included, but, is not as prominently displayed as in EV Certificates.
- DV Certificates (DV) are the most basic type of SSL Certificate, with the least amount of identity information included.
SSLs, Page Speed & SEO
- In the past, SSL slowed page load times by 3-4 seconds per page. Now the delay is barely noticeable.
- SSL has SEO benefits. Visitors looking at a list of search results are more likely to click on a secure website over a non-secure one, thus improving the secure site’s click-through rate.
If that’s not enough to get you to take action, this probably will. Since 2018, Google no longer just encourages website owners to install SSL Certificates, it has begun putting more and more pressure on everyone to do so.
HTTP Sites Flagged as ‘Not Secure’
ALERT: If you don’t have an SSL Certificate, web browsers, such as Google Chrome and Firefox, will flag your website in a not-so-friendly way. They have begun marking all HTTP sites as ‘Not Secure.’
SSLs & Privacy Policies
No matter whether you run a hotel, candy shop, retail store or country inn, if you have a company website, it’s time to install an SSL.