Ensuring the web is a safe place to shop online and share your details on websites has been one of Google’s primary objectives for some time, but more recently you may have started noticing when you visit a non-secure website a message will appear warning you that the site you are about to enter may not be safe.
For the website visitor this is good, but for the website owner, particularly if it is a business or e-commerce website, it would probably be scaring off potential customers, but a non-secure website could also be penalised by Google’s rankings.
And Google’s SSL certificate deadline is about to get even tougher on non-secure sites as early as July this year, which for some could possibly totally kill your online traffic if you fail to improve the security of your website.
And before you start complaining that Google is being too harsh, keep in mind that cyber crime is three times higher this year than 2015, and could cost $2 trillion by 2019. Educating people to only visit sites they trust is very good education to help prevent victims of cybercrime.
So, what exactly is an SSL certificate, and why do I need one?
An SSL certificate, or ‘Secure Socket Layer Certificate’, encrypts and protects the information that is transferred between your site’s hosting and the browser viewing it. If you have contact forms or shopping carts on your site which collect people’s data input and you don’t have an SSL certificate in place, Google is more likely to be tougher on you.
AN SSL certificate can be purchased from your hosting provider that activates the grey or green padlock icon next to the domain name in your web browser, and you’ll notice the ‘https’ rather than ‘http’ at the start of the domain, indicating a secure connection.
Your website security is now more important than ever before, as hackers are constantly attempting to intercept data from your site for malicious use. Some simply do it for fun because they can, while others could be stealing personal details to use for data theft or credit card fraud. And technically, if your website is not secure you may be liable.
What an SSL Certificate does…
- Encrypts sensitive information being collected and transferred on your site
- Provides authentication
- Helps establish trust with your visitors
- Improves your organic search engine rankings. Google favours secure websites
How do I set up an SSL Certificate?
Your hosting provider will provide this as an additional service, and depending on the type of SSL certificate required, the cost will usually vary between $50 to $600 per year.
Once you determine the type of SSL certificate you require (see below), the activation time will be anywhere from a few hours to a couple of weeks, and once activated you will see the small lock icon appear. To ensure your site is fully secured, if you run a WordPress site, install the free Really Simple SSL plugin and activate it, and your entire site will then be nice and secure. If you ask your hosting provider or web developer to install it they will usually implement it at no charge once you have purchased the SSL certificate.
What type of SSL Certificate do I need?
While setting up the SSL is easy, knowing which one you need might have a few people stumped as there are 5 types:
Ideal for a single domain name. If you have a shared hosting account with more than one domain on it, this SSL would only cover one of the sites, so this would not be for you. However if you have a standard simple (non e-commerce)site, this is for you.
As it sounds, if you have multiple domains this will cover the entire suite of sites for you.
A Wild card SSL will cover sub-domains for you, so if say you have designers.smartfish.com.au then you will have the entire site secured.
Premium (or Extended)
A Premium domain name uses the strongest encryption + EV (Extend Validation), which ensures your e-commerce site is secure, and will give you the green padlock instead of a grey padlock icon. You usually also have a warranty, similar to insurance, of around $1,750,000, in the event that anything does go wrong after the site is secured.
You will find it takes a bit more work to sign up for the EV as more information is verified prior to set up to ensure you are not using the site for the wrong reasons, so legal and business information may be required for the verification process, including letters from your accountant or solicitor, ABN checks, etc.
It is a bit of a pain, but well worth it.
Our own hosting services, HostEasy, offer the Standard SSL certificate for just $3 per month, or the Premium for just $9.63 a month.
So what is the next step…
Contact your hosting provider to get the process started. There is no disruption to your emails or website during the process, and in most cases they will assist in the actual setup for you, taking the stress out of the process.
While adding the SSL, it is also a good time to check the general security of your website. If you have a WordPress site, check that it is running the latest version of WordPress, your theme is up to date, as are the plugins. As a web developer, I find most people tend to rarely update their plugins, which can lead to a variety of problems, from a slow website, particular functionality failing, through to the site being destroyed by hackers. Your website is an operating system, and just like a car, it should be services every so often.
If you don’t know how to maintain your own website, ask your web developer and form a small fee they will keep it maintained for you.