The Importance of SSL On Your Website – Website Security 101

It’s amazing and scary to see how many websites today don’t have an SSL installed, or do, but don’t have one setup correctly. From small businesses to large national companies, the problem seems to be wide spread.

So, what is SSL and why is it so important? Simply put, sites that have an SSL setup are secure websites compared to those that don’t. When you visit a website, look in the address bar. Does the website address begin with HTTP or HTTPS? If it’s the latter, you’ll notice the green padlock signifying that the website is secure. If you don’t see the green padlock, then either the website doesn’t have an SSL setup, or they don’t have one setup correctly. For those that don’t have one setup correctly, this is normally down to one of two issues. The first is that they have an SSL but only on certain pages. Whilst this was common practise years ago, things have changed and now, every page should be secure. Why I hear you ask? Because of SQL injection (Hacking websites and stealing information) enabling malicious users to dump or delete a database. The second reason some sites have a problem is due to insecure content warnings. This is where they have an SSL certificate, but there is HTTP references within the source code of that page.

What’s the problem with visiting a website without an SSL certificate?

If you’re visiting a website and the page starts with http:// and is missing the ‘S’ – the site is not secure. The entire page content is visible to anyone on the same network between you and that site. It’s also possible to be intercepted as data travels over the browser. So those credit card details you entered on a shopping site, the account details you entered with your overused password, everything.

What’s particularly frustrating is that years ago, setting up an SSL certificate was expensive and more complicated than it is today. In fact, today, you can set up an SSL on your domain for free in minutes. Ok, so there may be some tinkering to force not HTTP links to HTTPs etc, but it’s straightforward. There really is no excuse for websites to not have one. Plus, there’s also the benefit of gaining a slight SERP (Search Engine Result Positions) increase from Google by doing so.

Some web hosting companies even let you install an SSL in a few clicks from your control panel, making it dead simple for new site owners to get up and running in a secure fashion.
If you need any help, or advice, feel free to contact me. I’m always here to help. My feedback can be found on LinkedIn or on Google.

Leave a Reply