Security is a major concern right across the internet, and SSL Certificates or security certificates are important lines of defence in that fight. Security certificates provide a secure connection between web browsers (Chrome, Internet Explorer etc) and computer servers (where websites are hosted), thus protecting information as it is being transferred across the internet, information like personal details, login details, credit card information etc. Websites that have an SSL Certificate installed and correctly implemented display a little green padlock beside the domain name in a browser.
If your website doesn’t have that little green padlock, then it is time to talk to your webmaster or web designer about getting an SSL installed, because Google will be flagging all websites without it as “Not Secure” from October onwards. This means that visitors to your site may be greeted with a warning message from Google, informing them that their information may be compromised. Your website’s ranking in Google Search Results will also be affected.
What is an SSL Certificate?
An SSL Certificate is short for “Secure Socket Layer Certificate” and it protects information as it is transferred between your hosting and the browser that is viewing it. Up until now all websites were simply served by a non-secure file transfer protocol that you might recognise: http://.
By adding an SSL certificate, you are adding an extra layer of security to this transfer protocol, and now your website will be transferred using https://. Just like herd immunity, the more websites that have SSL certificates, the safer all websites on the internet will be, which is why Google is strongly backing this change.
How do I know if I have an SSL Certificate installed?
This is a really simple test; simply type your website name into your browser – if, after the page loads, you have a padlock beside your url, then you are all set – you have an SSL certificate installed & implemented.
If there is no green padlock, you need to first check if an SSL certificate is installed. Add https:// before your website name (eg: https://www.mygreatewebsite.com) and load that URL. If your website loads but no green padlock appears, an SSL Certificate is installed, but not fully implemented, ie some links on your website are not secured – jump down to Step 2: Getting The Green Padlock.
If you get a security notice, then you do not have an SSL Certificate installed:
Why don’t I already have an SSL Certificate?
If you are wondering “why didn’t my website designer add an SSL certificate to my website?”, websites completed over the past year will most likely already be SSL-ready, but prior to that, only websites that captured customer data – like credit cards or payment information – needed a certificate. This push from Google to get all sites covered with SSL Certificates is intended to make the web a safer place for all website owners and browsers.
Don’t panic though – in most cases, for small websites, getting an SSL installed can be done quickly and easily. Here is a quick overview of what is involved:
Step 1 – SSL Certificate Cost & Installation
Many hosting companies now offer a very seamless SSL certificate installation – for example, Siteground & LetsEncrypt SSLs. However, some do still charge per website – you will need to contact your hosting provider to find out if they charge for an SSL Certificate and how they install them – hopefully, they have an easy to follow step-by-step guide.
When your SSL certificate is installed, you can test that it is working by trying to access your website using https:// – for example, the secure address for this website is https://poppyvine.com. You might notice that, while you can load the page, you do not have the little green padlock – that is the next step.
Step 2: Implementation – Getting The Little Green Padlock
The next step is going through all of the links on your website and changing any direct links from http:// to https://. This can be tedious and frustrating work. If you have experience with Chrome’s Developer Tools, use the Security tab to see what links are still pointing to http:// and preventing you from getting your Green Padlock.
If your website was created using WordPress, then a really quick and easy way to change all links to https:// is to use the Really Simple SSL Plugin. This plugin does all of the hard work for you, but, as with all plugins, make sure that you back up your website before you install it, as plugins can conflict with each other and create site errors. Simple SSL Plugin doesn’t work in 100% of cases, but is a great option if you want to try to get your site SSL protected yourself.
Step 3: Redirect all http:// traffic to https://
If your website was built over six to twelve months ago, then the chances are that links on other websites or social media platforms going to the http:// version of it will exist around the web. What you want to do is to redirect all traffic from http://yourwebsite.com to https://yourwebsite.com. You will need to contact your hosting provider to give you the best method of doing this to suit your hosting and website type.
Getting Your SSL Installed For You
If you are worried about your website’s security and are not confident about installing an SSL Certificate yourself, you should contact your website designer and they will be able to give you a quote. That quote will depend on how large your website is. If you have a lot of pages and links, then it could take a long time to change them all over and test them.
However, for most small sites you should budget for about 2 hours of your designer’s billing time. If you would like us to install an SSL certificate for you – contact us for a quote or advice.