What is SSL?
Ever wonder why some websites start with http while others start with https? HTTPS means that the website has been encrypted with a SSL certificate. SSL stands for Secure Sockets Layer which encrypts sensitive data like account logins, credit card numbers and other personal information transmitted between a website and your browser so that no one can intercept it.
A SSL certificate is required to create SSL connection. You would need to give all details about the identity of your website and your company as and when you choose to activate SSL on your web server. Subsequently, two cryptographic keys are created – a Private Key and a Public Key. The public key tells people how to protect the information they are sending to the recipient such that anyone can find out how to encrypt the data but only the recipient with the private key can decrypt it. In layman’s terms, A is mailing a padlock (while keeping the key) to B and then B using the padlock to lock a box before sending it back to A who has the key. A digital signature serves as an additional level of encryption to ensure that no one has messed with the data. The sender “signs” a message with a private key and then publishes the public key. The recipient can verify the private key against the public key to confirm that the sender is who they say they are.
Who can Issue a SSL Certificate?
SSL Certificates are issued by companies that undergo regular security audits and verify that the person using the digital signature is who they claim to be. Because SSL Certificates are checked by web browsers, it’s effectively the major browser manufacturers that decide which companies can act as SSL Certification Authorities. Bluehost provides a free shared SSL Certificate available to all accounts residing on a shared IP address which is ideal for small, informational websites. If you have an eCommerce website and would like to implement a private / non-shared SSL certificate, you will need to purchase a dedicated IP address.
Think you Don’t Need SSL?
Think you don’t need an SSL certificate because you don’t sell anything or that your website is too small to be hacked? Think again. Malware and bugs don’t care how big you are or whether you are selling anything on your website. Their one goal is to find vulnerabilities usually created by outdated open-source software like WordPress. Open-source software means that the code is published for anyone to view or modify making it an easy target for hackers. Need more reasons to implement SSL?
Chrome will Tag Non-secure Websites
Starting January 2017, Chrome 56 will mark HTTP websites that transmit data as “not secure” by showing an exclamation mark next to the URL as part of a long-term plan to mark all HTTP sites as non-secure.
SSL Improves your Search Engine Rankings
We all know that the key to more traffic is ranking higher for your industry keywords in Google — but it isn’t easy. With hundreds of ranking signals influencing Google’s algorithm, you want to use every available SEO tool to your advantage. Implementing SSL is an easy way to make your website rank higher in Google’s search results.
Protect your Website & Visitors
The SSL protocol is used by millions of online business to protect their customers, ensuring their online transactions remain confidential. A website should use encryption when it expects users to submit sensitive data, including personal information, passwords, or credit card details.
HTTPS Everywhere
HTTPS Everywhere is a free and open source browser extension for Chrome, Firefox and Opera that forces all websites to use an HTTPS connection whether they support it or not. So what happens if you do not have an SSL and someone tries to visit your website? Well you will get the following error which is not very good for business. As a result, many of our clients including the one exhibited below, are implementing SSLs.
In Conclusion
Need help encrypting your website with SSL, web design, web development or web maintenance? Please contact our San Francisco web development team.