SSL Certificates: Definitions
SSL
Secure Sockets Layer is a standard security technology for establishing an encrypted link between a web server and a browser.
HTTP/HTTPS
Hypertext Transfer Protocol is the underlying protocol used by the internet and defines how messages are formatted and transmitted.
HTTPS is a variant of the standard protocol which adds a layer of security on the data in transit through a secure socket layer.
HTTPS is important for any website that collects information from its visitors. If you have a form, a store, a client login area, etc you should have a SSL to make your site secure with HTTPS. Visitors to your site who see HTTPS are more confident that their information is safe while visiting your site. Even if you don’t collect information, having a secure website gives visitors that extra feeling of safety.
In order to make a more secure internet, Google is now showing all sites that are not HTTPS as NON-SECURE within their Chrome browsers.
Free VS Paid Dedicated SSL Certificates
Free SSL Certificates
Free SSL certificates provide validation of ownership of a domain and only one domain can be secured by a free SSL certificate. These free SSL certificates or AutoSSL certificates are issued through cPanel and renew every 90 days. These certificates use the same encryption as dedicated SSL certificates, but only validate ownership of the domain name. However, your site will still show the green padlock of protection.
Dedicated SSL Certificates
Dedicated SSL certificates include more in depth validation of the ownership of the domain name and the business that claims ownership of the site. This added layer of validation is extra security. The encryption used for the SSL certificate is the same, although the validation is much more secure. These certificates vary in price, but standard is $150/year. The extra security prevents others from trying to use your business for phishing and other spam related activities.
Whether you have a free or dedicated SSL certificate, it will help your SEO with Google as they use HTTPS as a ranking factor. Also, Google is blocking referral data from HTTPS sites to HTTP sites. Therefore, you could be missing out on platforms that are sending you traffic.
Converting Your Website from HTTP to HTTPS
There are a few things that you will need to do in order for your site to show as secure to web browsers.
- Backup your website.
- Within WordPress you will need to change your domain name from http:// to https://. You can find this under Settings > General.
- Update links within your site to HTTPS. This can be done manually – which could be time consuming – or you can use a plugin. Here are some suggested plugins:
- Test your site. If you have the green padlock you are good to go! If you do not see the green padlock you have a little more work to do. Visit whynopadlock.com to determine what is causing your site to not be secure. If you are on CloudFlare, you will not be given a reason for your site not showing secure. Just reach out and we will get it fixed for you.
- Be sure to include https:// when sharing a link to your website.
~Amanda