You will probably have noticed the padlock in your browser window, http:// changing to https:// or the browser bar changing green. What the SSL certificate does is secure connections from your web browser to the web server by encrypting the data which is sent back and forth.
Until relatively recently websites generally only used SSL on areas of the website where sensitive information was passed. For example login screens or for ecommerce websites payment pages. However, there are benefits for using SSL for the entire website, notably prevention of “man-in-the-middle” attacks where a hacker could modify the information sent from the web server to you and vice versa before it is received and insert malicious code.
(Many websites don’t use SSL where they should. If you are using a content management system of any kind (e.g. WordPress) you should be using SSL - an incredible amount of websites don’t)
Aside from the obvious security benefits, Google, as far back as 2014 have been using https as a ranking signal meaning that your website receives some search engine ranking points for using SSL.
Google has also since taken things further and are highlighting how secure websites are in search results as well as moving towards doing the same in your web browser. See the screenshots below taken from Chrome Canary, the development version of Chrome. Notice in the address bar the difference in how the security of the site is highlighted.
Visitors to your website need to feel secure so having warning symbols shown to them when browsing your website is not going to be a good experience.
There are some reasons why SSL isn’t used as much as it should. Cost is one. Certificates are not expensive and especially considering the benefits of using them shouldn’t be a factor. Speed is another. This is no longer an issue. It used to be the case that the overhead of encrypting and decrypting would add a little bit of time to transactions (although only really an issue on huge websites or extremely busy servers). However, now using TLS and HTTP/2 we are able to use multiple connections to transfer data to and from websites thereby speeding things up incredibly.
Secure your site today
Websites I develop are secured using SSL by default these days on A grade rated security servers using the latest 2048 bit encryption over HTTP/2, but if you have a website that isn’t secured please get in touch with me so you and your visitors can reap the benefits.comments powered by Disqus