If you’ve ever had a web professional tell you that you need SSL for your website, you may have raised an eyebrow and wondered what they’re trying to sell you this time. And what is SSL anyway?
Well, I can tell you that you MUST, 100%, DEFINITELY have SSL installed on your website.
Why?
- It shows you take security seriously and support a safe world wide web.
- Google have confirmed that having SSL is a ranking factor.
So what is SSL?
SSL stands for Secure Sockets Layer and refers to the system of transferring data securely from your website’s hosting server down into the user’s web browser. What it means is that when your customer finds your website and loads the homepage, the little packets of data containing all the images and text files that are sent from the hosting server to your potential customer’s computer, are tied up securely so that no one can hack into them during their journey between computers. ie: the website has an SSL Certificate installed.
If you’ve ever tried to access a website and have received a warning message telling you that the connection is not secure, then it is usually because the site has no SSL installed or something has gone wrong with their SSL.
You can tell if a site has SSL because you can see a little padlock icon at the beginning of the url field in your web browser and the url will always start with https instead of just http.
If you click on it, it will tell you that the site is secure.
You can even click on the ‘Certificate is valid’ to see specific information about the SSL Certificate. Pretty nifty right?
It used to be that only shop websites needed to have SSL because they were collecting people’s credit card details and personal information. However, now it is recommended that every website has SSL protection.
But do I have to pay for SSL?
So now you can answer the question: “What is SSL?”. But do you have to pay for it? I hear this a lot. No, you do not have to pay for SSL. Most good hosting companies like Siteground will provide you a free SSL Certificate as part of their hosting packages. If your hosting company doesn’t offer the free SSL Certificates, you can always get one from places like Wildcard SSL or Let’s Encrypt which are the most popular free SSL providers. You’ll need to check with your hosting company first though as some of them will force you to buy their own.
So what is the difference between a paid SSL Certificate and a free SSL Certificate?
The truth is that free SSL provides the same level of data encryption as paid SSL. So why would you pay for one?
Although the level of data encryption is the same, there are a few extra features that paid SSL provide.
Paid SSL will:
- Provide you with a security seal image that you can add onto your site, which is great for building consumer trust.
- Provide a warranty which often includes insurance if money is stolen from your online store. You will be able to claim back some or all of the stolen funds.
- Provide you with support if something goes wrong with the SSL Certificate.
- Will authenticate the owner of the website and validate that they are a legitimate business. Whereas free SSL provides domain level authentication which validates that the person who bought the certificate has management access to the domain.
- Sometimes offer additional security tracking systems.
Should you get Free SSL or Paid SSL?
Get Paid SSL if:
- customer trust is a big issue for your target audience. That security seal image can go a long way toward showing how seriously you take cyber security in the eyes of your customer. And most people just assume that the level of data encryption is much better.
- if you sell products online and you would feel more secure knowing that you would be financially compensated if someone were to steal from your online store.
Get Free SSL if:
- you’re not selling anything on your site and you just want to make sure that you have SSL for google (it is a ranking factor) and to show you understand that cyber security is something to take seriously.
- you are selling products on your website but your customers already trust you and you don’t feel that it is necessary to provide the extra level of authentication.
So the bottom line is that free or paid, you can be confident that you’re still getting the same level of data encryption. The rest is up to you and your business. Just make sure you have one, because apart from everything else I’ve already mentioned, the Google Gods will not be happy if you don’t have one. If you want to know what else the Google Gods like about websites, check out my post on getting google to notice you.