This blog post about SSL certificate is for non-techies such as consultants, small business owners, insurance brokers etc. I am going to avoid technical stuff and explain in simple terms what an SSL is and why you should get one immediately for your website.
Full form of SSL
SSL stands for Secured Socket Layer, just know that it is something related to security for now.
How to know if your website has an SSL certificate or not?
When you visit a website and you see that the URL/domain/web address of the website begins with “https:// ” with a green padlock, then the site has an SSL certificate. For example the website below.
On the other hand if a website does not have an SSL certificate then it will begin with only “http”, there will not be any green padlock. Before chrome used to show a grey “i”, when clicked on, it showed the user that the site is not secure.
But now it is far worse. If your site does not have an SSL there will be a red warning beside you domain name “Not secure”. It will look like the site below.
But in some cases, it is even worse. When Google tries to redirect you to the secure version “https://” and a website does not have an SSL certificate, it shows a huge warning, telling the user not to proceed.
When I first saw this message I thought that the site contains viruses or malware. Hence I left immediately, the same thing will happen with an average person. If you are looking to build trust with your website and this following thing happens when a user visits, you can throw that trust out of the window.
How SSL Works (In simple terms)
I am going to try to avoid all the technical stuff and explain how SSL works, why it is important and you should get one immediately! If you are a technical guru, and know a lot about the web, then please don’t bother, JUST LEAVE.
Lets talk about the browser and server first. The browser is the software or app using which you visit a website, for example Chrome, Firefox, Internet Explorer, Safari etc.
The server is the remote storage where the website lives. The server contains the files, images, videos, codes and all the functions which makes the website operate.
You access the website by making a connection to the server using your browser. After making the connection, you interact with the server(website) by filling forms, clicking to see more info etc.
Where is the issue?
Let me explain to you by giving an example. For example, you are talking with a person in English, and you are telling him a secret. If a third person comes in who also knows english, he will be easily able to hear and understand the secret. But on the other hand, if you two are talking in German and a third person comes in who only knows English, he will not be able to understand what you guys are talking about. Hence not getting the secret.
A very similar thing happens when you are interacting with a website. Your browser talks with the server.
If a website does not have an SSL. When you visit the website with your browser. For example, you fill up a form with sensitive information, such as credit card info. When you submit the form, the browser sends the information to the server. A hacker (third person) can come between you and the server and retrieve that sensitive info. This is like a third person coming in and hearing your secrets. So your credit card info or any other type of info is vulnerable to hackers and scammers.
So avoid:
- Visiting websites without any SSL certificate using a public WiFi
- Do not fill up any kind of forms in websites with no SSL
On the hand, if a website does have an SSL certificate. When you visit that site, a secure connection is made between you and the server. The messages between you and the server are completely encrypted. In simple terms, it is like as if you and the server is talking in a unique language, only you can understand each other. A hacker may come in between and may hear you but will not be able to understand what you are talking about. Hence your secrets will be safe.
Why you should get an SSL certificate immedietly
Google does not like websites without an SSL, so your SEO ranking would be much lower compared to the ones who have SSL
Visitors may visit your website but will not feel safe contacting you or interacting with you. They might think you are a scammer.
You cannot take any online payments from your website. For example you must need an SSL certificate installed if you want to receive payment using Stripe from your WordPress website.
What can you do?
I hope by now that you realized that you must need a SSL certificate. But how can you get one? It is easy, just contact your hosting provider for example Bluehost, Godaddy, Namecheap etc. via a live chat or phone call.
Just tell them that you need an SSL certificate. You would need to let them know for which website you want the SSL. You must make sure that you get the secure “https” version plus the green padlock when you are visiting the site.
It does not cost much! It cost me only about $10 to renew my website’s SSL certificate. If a website is brand new, they usually provide the SSL for free.
Share this info with your friends!
If you have read this blog and you know that some of your friends does not have an SSL in their website. Then please share this blog with them.
It does not matter whether they have a website or not. This blog will make them aware of websites without an SSL certificate. They will be more careful while interacting with such websites.