Since 2017 the major browsers have made SSL certificates a requirement for all websites, whether they be personal or business. This means, all websites should be served with encryption via HTTPS.
Before we get into the reasons why you need an SSL certificate for your website, it might be helpful if we explain what an SSL certificate is and what it does.
What is an SSL Certificate?
SSL stands for "secure socket layer" and is a type of technology used to create a secure link between a website's server and your browser; and vice-versa. This link encrypts the information within a website, meaning that if anyone tried to access, hack or intercept the data on the browser, they would instead see encrypted data - a mix of numbers, letters and characters - which makes it much much more difficult to understand.
So, when you use a form on a website, the information you enter could be intercepted by a hacker on an unsecure website. This information could be anything from bank details to an email address to sign up to a newsletter. This "interception" is often referred to as a "man-in-the-middle attack".
An SSL certificate is a data file that gets installed on a website's server for security purposes, activating security protocols, enabling a secure connection. The website will then use an HTTPS connection (instead of HTTP), with the “S” signifying that the website is secure, along with a padlock icon.
How can I tell if my website has SSL?
When you visit a website with SSL, there are a few distinct differences that display within the browser.
The URL says "https://" and not "http://"
The URL should look similar to the screenshot below. Remember, an SSL-encrypted website will always have the "s", which stands for "secure."
You'll see a padlock icon
The padlock will either on the left or right-hand side of the browser's URL bar, depending on the browser being used, e.g. for Chrome and Safari it'll be on the left. You can click on the padlock to see additional security information.
The certificate is valid
Even if a website has shows both "https://" and a padlock, the certificate could still be expired — meaning your connection wouldn't be secure. In most cases, a site that displays as https will be secure but, it may be worth double-checking to be sure the certificate is actually valid.
You can use the browser's developer tools to do this, e.g. in Chrome go to View -> Developer -> Developer Tools. You can then select the "Security" tab to see additional information about the certificate.
Why is SSL important for a website?
Below you'll find a number of reasons why SSL is important for your website.
It protects your user's data
Using an SSL certificate provides protection for you and anyone who visits your website. Whenever a user enters their personal information, SSL blocks anyone outside the website from accessing that information.
Establishes trust with your users
Having an SSL certificate can help you build trust with anyone who uses your website, giving them peace of mind while shopping or interacting with your website.
Increases search engine ranks
Concerns over people's personal privacy have grown into a movement to see the entire internet encrypted. To push this initiative forward, in August of 2014 Google announced that SSL would be used as a ranking signal in its search results.
Your site doesn't get blocked by a giant warning message
If your website doesn't have SSL most browers will show a "not secure" sign in the address bar.
They may also show a full-page warning telling you that the website isn't secure. This warning screen is a huge red flag for users.
Your website is an investment
Making sure your users are confident that their information is safe and secure when they use your website is vitally important. It doesn't matter if you have the best looking/performing website ever if nobody uses it because it's not secure.
Get in touch