A SSL Website will have an address beginning with https:// instead of http:// and a padlock symbol indicating the page is secure. This protocol is rapidly becoming the accepted norm for all web pages.
What is a SSL Website ? How do I know if my website has it ?
SSL stands for Secure Sockets Layer. It is a protocol which encrypts all data sent between a website and the viewer.
If your website has SSL installed the URL visitors see when they visit your website will begin with https:// instead of http://, and there will be a padlock symbol displayed in the address bar of the browser .
What does this mean? Why is it important?
In the past it was only considered important for a website to use SSL if data such as credit card information was transmitted. Most modern e-commerce stores get round this by using external payment gateways that take the user off-site to complete purchases (eg to the PayPal site).
However, many websites use forms which transmit personal details. This data is transmitted in unencrypted format and it is possible for hackers to intercept these details. These include contact forms or the forms that people use to sign in eg to WordPress websites. While it is unlikely, it is possible for passwords used on forms to be intercepted.
SSL is becoming the new norm
Google believes users deserve and increasingly expect a secure and private online experience when using a website. Consequently, they will in future be penalising HTTP connections in terms of the security information they give users, and also in terms of search results priority.
At the moment, if you go to a standard http:// web page using Chrome you will see a symbol that looks like an ‘i’ in a circle to the left of the URL. If you click on the ‘i’ symbol you will see a mild warning that the site is not secure. However, if you open a page with a form requiring sensitive information on it – such as the login page for a WordPress site, you will now see a clear warning that the page is not secure:
Obviously this is likely to make users feel a little bit worried – or insecure – and Google has warned that this ‘Not Secure’ warning is to be extended to any pages with forms in the next revision of the browser. In the future, it is likely that ALL http:// pages will be tagged as not secure.
In addition, Google allocates a slight ranking bonus to SSL sites in search results – not huge, but only likely to increase in future.
So should I move my site to https:// now, or can I wait ?
The use of https:// is going to rapidly become the norm so yes, probably now or in the very near future is the time to do it.
Is this going to cost me a fortune?
Not necessarily. SSL certificates can be purchased from your hosting company for as little as £45.00 per annum including setup – though some may charge a lot more. Do make sure the fee includes setting up your certificate on the server, as it can be a bit complicated for the average website owner.
More expensive certificates may offer a warranty against the encryption being broken. For most people this isn’t necessary though as all they really need is the reassurance for their visitors that the data is encrypted – and the actual encryption is just as strong on cheap certificates as on more expensive ones.
Some hosting companies also offer free SSL via a new certificate issuing authority called ‘Lets Encrypt‘.
I’ve got an SSL certificate – now what?
Now you need to convert your website to use the https:// protocol. If you have a CMS such as WordPress this can be relatively straightforward using a plug-in.
If you do not have a CMS then you will need to convert all your links to https:// then set up 301 redirects from HTTP to HTTPS via an .htaccess file
I want to move to https:// – can you help me?
Of course we can… depending on who your WordPress website is hosted with costs for ensuring your SSL certificate applies to all your website can be as little as £40.00, larger websites can cost more, just get in touch on 0191 280 2023 for a free no obligation quote
For other non WordPress sites – please ask us to quote.