The Importance of SSL Certificates
Historically SSL Certificates were highly recommended for use with e-commerce websites. Providing credit card data using the plain text transfer of the hypertext transport protocol (http) was inherently insecure which made it possible to intercept the information incredibly easy for nefarious individuals that wanted to steal information. In-fact payment card gateways mandate the use of SSL certificates in order to accept credit cards over their networks. It is no longer an option for sites that transact commerce on online.
In addition, it is now an essential requirement for every site to use an encrypted protocol not only to protect against stealing this information but also because Google highly recommends this transport method in order to get a high rank in their search engine. Google is the lifeblood of success on the internet – without their endorsement to the quality of their site, it is likely that a site will wither on the vine and not attract the users it needs to be successful. This article will provide high-level information about SSL certificates and why they are so important.
SSL is the predecessor to what is now known as TLS or Transport Layer Security. Going forward, we will use the term SSL as a catch all phrase for the group of protocols that are used protect websites from intercepting information as well as to benefit a site in the eyes of Google and the other major search engines.
What does SSL actually do for both the website owner as well as their visitor that entrusts them with their information.
Encryption
An SSL certificate establishes a link between a user’s web browser and a web server so that data is unreadable by anyone watching. This is the reason that all payment gateways require SSL to be active when processing payments directly on your website.
In order to be overly redundant as to the importance of an SSL certificate, it is a significant factor to get your website highly ranked in Google.
In 2014 Google announced that they would begin to use SSL as a ranking signal! This means is that sites that run over the https protocol will be given a higher page rank than sites running on standard http. WOW – they are very clear that this is a major element to getting found.
In 2016, Google announced that it would be updating their Google Chrome browser to clearly indicate sites that do not have an SSL Certificate in place. This is manifested in a bright green lock in the URL form at the top of their browser clearly designated with the word “Secure followed by https:// – if you are using Chrome, see above because brainstorm.co will always use SSL for all of its traffic.
Site Performance via HTTP/2 Support
Authentication
Having an SSL Certificate associated with your domain proves ownership over that domain name. There are fraudsters that can replicate a website and pose a significant risk in order to gather sensitive data. When an SSL certificate is set up, the server hosting your website will also have a server certificate in place. This allows an SSL cert and the server to ensure that data input through the browser cannot be intercepted and prevent attacks.
How can I tell if a site is using SSL
Most browsers will make it clear that a website is using SSL by displaying a padlock symbol near the website address bar. If you are unsure whether a web page is using SSL, you can be sure by checking that the website URL begins with https://
SSL Performance
In the past, encrypting data at both ends of the transfer would slow a website down, but these days SSL will actually improve your site performance if you have a good hosting provider. Almost all recent versions of web browsers support the new http/2 protocol.
This protocol is an updated version of the http protocol, which has been the backbone of the internet since it’s inception. One of the major benefits of http/2 is that it supports something called multiplexing. This allows browsers to download multiple resources concurrently, rather than the standard method of waiting for a file to download before starting the next one.
While the official documentation does not state that SSL is a requirement for http/2 it is only supported at present by all browsers if the site has an SSL in place. So.. no SSL Cert, no multiplexing!
Let’s Encrypt
One of the most significant advancements in the history of the Internet is a great great initiative from a group named “Let’s Encrypt”. These are the guys who are leading the charge for a more secure internet. Let’s Encrypt offer free SSL/TLS for everyone and are quickly becoming industry leaders in this space. They do everything in the background using nothing but the ownership of the domain name as proof of ownership. The world has changed. Your hosting company supports you in every way and installs in automatically in the background.
Host with us
If your site is running on WordPress and you want an SSL Cert as standard, then you should consider one of our plans. We offer all of our plans with an SSL certificate – EVERY SINGLE PLAN! – All of this built on our Amazon Web Services architecture.
We also offer two important plugins with each of your WordPress sites that automatically modify all of its code to work with an SSL certificate as well as allow for our partner Cloudflare to distribute the certificate all over the internet using their amazing content delivery network. These light weight SSL plugins are the Simple SSL plugin and the important Cloudflare plugin that makes it seamless to run your site using their advanced technology.
In addition, we will migrate your site over to our WordPress-optimised environment for FREE and have your site fully secure and performing at it’s best in no time at all. If you have any questions about SSL, please don’t hesitate to ask via our chat support channel or by sending us an email through our Client Area ticketing system.
We are psyched to help you achieve success in anyway your desire and always have your back with any technical issues you run into.