What is SSL all about? As a webmaster, you may be wondering whether it’s really necessary to have it installed on your site? Does having the SSL certificate help to improve rankings in any way? What about installing it? Is it easy to install?
Today I will help you understand all about SSL by answering these and other commonly asked questions.
First, let us start by understanding SSL and how to tell if your site has it.
What is SSL?
SSL – stands for SECURE SOCKETS LAYER
When you get an SSL certificate on your site, your site URL will change from HTTP to HTTPS.
Once you get https:// you will see a green padlock on your site, which tells people that your site is secure.
If you use a browser such as Google Chrome, you would be able to see immediately whether a site has an SSL certificate or not.
Let us now look at the need for sites to be secure.
What is the Importance of Site Security?
Have you ever had experience on the internet, when you wanted to visit a website, and you would get a warning like this….?
So, what does this mean?
If you encounter a warning like this, or if someone tries to visit your site and they get this warning, it means that something is wrong…
It means that Google has detected that the site is not secure and is infected with ‘Malware.’
This warning is to alert the visitor not to proceed or proceed with caution if they intend visiting the site in question.
How many sites are Infected on a Yearly Basis?
Take a guess.
5 million? 10 million? how much do you think?
Did you know?
That in March 2016, Google reported an estimated 50 million websites that were not considered secure!
This was either because the sites were installed with malware software or some sites were stealing people’s personal information.
Believe or not, this amount is more than double as compared to 2015, whereby there were only around 17 million cases reported.
On average, Google currently blacklists
- 20 000 websites a week for Malware
- 50 000 websites a week for Phishing
Which is the Most Commonly Affected CMS?
CMS- simply stands for Content Management System. This means it is the platform that you would use to manage and build your site upon. Word Press is the most commonly used platform.
Many people including myself, choose this platform to build our websites. It’s easy to use, there are thousands of themes to choose from and lots of plugins to improve the functionality thereof.
Having said that, this is also one of the most commonly affected CMS.
Does this mean that you need to change your website platform of choice?
The truth is that any platform, as you can see from above has the potential for becoming infected.
Remember, as your site grows and gains popularity, it can more likely become a target for hackers to attack.
What else can affect Site Security?
The number one contributor is plugins. Basically, a plugin is a software component that adds more functionality to a website.
For example, if I wanted to improve the loading time of my site, I would try to compress the images on my website so that it can load faster when someone is visiting it. For this I could use a plugin, to compress the image without loosing its quality.
If you decide to install plugins which have not been updated for a while, these can make your site vulnerable to attacks.
Here are 3 out of date WordPress plugins that can contribute to Site Hacks
Does SSL actually boost your site rankings?
Let us assume for argument’s sake, that your site and that of your competitors are equal in all major aspects. This includes things like quantity of content, the length of internet presence and niche market share.
Basically, they both are respected within the internet world, with just one exception....
Your competitor’s site has an SSL certificate but your site does not have one.
This gives Google the opportunity to rank their site, higher than yours, as it is seen as the more ‘trustworthy’ of the two.
In summary, having an SSL(or https in the URL) is considered a ranking metric.
Though it’s not a huge metric, it still counts.
Why should You have an SSL certificate on your site?
It’s SIMPLE: People Trust https://
If people see the padlock next to your URL or the https instead of just http, they would be more inclined to visit it.
The main purpose of having a SSL is to show people that your site is trustworthy and that it is safe enough to take online card transactions.
If you were to have an e-commerce store, and decide to take credit cards as a form of payment, then its imperative to have an SSL certificate on your site.
How does one get a SSL Certificate on their site?
To install SSL on your site is not an easy task.
You would need to buy a single IP Address.
Then you would have to buy a security certificate. This can cost anywhere between $25 up to $500.
And lastly, you would have to get it installed on your site.
How I got my FREE SSL Certificate?
Honestly speaking, I am not technicially clued up for this sort of thing. Thank heavens, that I did not have to go through the above process.
I have three sites and had SSL installed for FREE on all of them.
I am a member of the Wealthy Affiliate training platform. This is a really cool online university that teaches you how to build your own online business from scratch.
In fact, this is where I learned everything about affiliate marketing, and how to build those three magical websites.
Anyways, as a member, every site that you own a domain name to, gets FREE SSL. And as a member, you can build up to 50 websites. Let me tell you, that having three is already a handful, so 50 ….yikes, that is really something.
I am NOT saying that you should become a member of Wealthy Affiliate. The main purpose of this post, is to help you understand what is SSL really all about.
What happens after you got your SSL Installed?
Remember, SSL means that your site URL is now changed from http to https. This change over may not always be straightforward.
Sometimes you may have links or images embedded within your site that may not have come from a ‘https’ source. This may not render that page secure. So, whilst some pages may be secure others may not.
Overall, your site is not fully SSL compliant.
Another thing worth mentioning is that after the changeover, you would need to re-sumbit your site to Google Search console(formerly known as Google Webmaster Tools) so that you can verify the https version.
Don’t worry, I will cover these in tutorials for you in an upcoming post.
Before I end off for today, I would like to leave you with a very interesting article on SSL,
For now, I hope that you enjoyed this article and I welcome any questions or comments.
Looking forward to hearing from you