The topic of having an SSL on your website is often raised on business forums and webmaster blogs. Often the subject of much confusion, SSLs are actually quite simple, but yet do have huge potential, good and bad. So what is an SSL, and what exactly does it do?
What Does An SSL Do?
In simple terms, once installed an SSL encrypts (scrambles) information sent to and from your website. The obvious question is, “why would you want to do this”? The reason quite simply is security.
Imagine you have a form on your website, the form may ask personal questions, or it might even take credit or debit card details. If someone (a customer) completes this from, the data is sent FROM the user’s computer, TO your website. The data is sent pretty much as-is.
However, if someone, a hacker for example, wished to intercept this data, they potentially could. In fact, this would be as easy as being within range of the user’s WIFI router with some free software installed on their laptop. Once they run the software and intercept the data, they would very easily be able to read it. Obviously if this data includes credit/debit card details this is a major security concern.
However, with an SSL things are a little different. A hacker could still intercept the data, but it would be completely unreadable to them. Because of the encryption applied by the SSL, the data is converted into complex code at the users end, and decoded back at the website server’s end. At the point the hacker could intercept over WIFI, the data would be unreadable.
How Do You Know If A Site Has An SSL?
There are a couple of ways you will know this.
Most web browsers will display a small LOCK or PADLOCK icon if you are viewing a secure site. You can see examples for Chrome, Safari and Firefox below.
The address of a secure website will start with HTTPS:// rather than HTTP://
Do Users Care?
Overwhelming evidence suggests that they do care. The confidence of knowing a website is protected by an SSL allows users to enter personal information without the worry of that data being insecure. Showing your customers that you have taken the effort (and cost) to install an SSL, shows them that you are conscious of security, and you are concerned about protecting their privacy.
Is An SSL Required?
It very much depends on your website.
If you are taking credit or debit card details directly on your site, you may be subject to terms and conditions of privacy, and PCI regulations which require you to transmit data securely.
If you are planning to sell via your website on Google Shopping, you will need to have an SSL.
It is also important to note that Google’s Official Webmaster Guidelines do clarify that having an SSL IS a ranking factor, and as such your website will perform better on Google search if it has an SSL installed.
What Are The Dangers?
Whilst having an SSL is almost a no-brainer, it is very important to have your SSL installed properly. All pages of your website should perform a 301 redirect to the new HTTPS url, and you should also take actions with your Search Console and analytics accounts to account for the change of address.
Remember, changing your website address to HTTPS is effectively as dangerous as moving your website to a totally new address, and should be handled with extreme care.
If you would like any advice about the setup or config of an SSL, please just get in touch.