SSL and your site
You may have noticed that over recent years, Google has been stressing how important security is.
Google are now suggesting adding SSL to your website for your visitors to have a much safer experience while surfing your website. To try and enforce this, they have now began to penalise sites without SSLs more harshly by labelling them as insecure. This occurs when users are browsing the net via the Chrome browser. A warning will appear in the address bar of certain sites that do not have a SSL certificate.
SSL stands for Secure Socket Layer and it acts as a layer of security between the server that a website is on and your browser. The layer will encrypt all data passed between the two, ensuring that any information on the site is kept secure. Sites without SSLs don’t have this encryption and any hackers that manage to get into the connections between the website server and the browser may have access to sensitive information; having a SSL to encrypt the data ensures that even if hackers did target your website, they would also have to decrypt the data first before having access to any information.
Currently only websites that have password fields and card payment forms are affected but in the near future Google will further crack down and penalise all non-SSL websites. The crack down also includes beginning to show a red warning triangle to further illustrate to visitors that the site is insecure.
We now build most of our websites using the WordPress platform and as it is a modern content managed system, has password fields to allow the owner access to the dashboard – triggering the warning.
As an incentive to websites owners to get SSL, in addition to labelling sites without SSLs as insecure, Google are also giving websites with SSLs a boost in search engine rankings.
To have SSL on your website, you have to have an SSL certificate. The SSL certificate contains information like domain name, company name, address, country, certificate’s expiration date, and details about the Certificate authority (the issuer of the certificate). A result of the new changes could be that users are put off by sites that are marked as ‘Not Secure’. To ensure that your website shows up as a secure, encrypted site, you will eventually need to purchase a SSL.
Adding a suitable SSL isn’t cheap (though we are hoping longer term prices will reduce) and unfortunately, just like hosting, they do need renewing every year.
In most cases we will need to take care of this for you as some of the low cost general certificates available on line wont work with our reseller accounts as they are shared hosting environments.