Categories
Security

Does your website need a SSL/TLS certificate?

We explore what a SSL certificate is, how much it costs and whether it’s worth getting one for your website.

1.
What is a SSL/TLS Certificate?

SSL (Secure Sockets Layer) is a cryptographic protocol that authenticates the data exchange between a client and server. Put simply, it ensures the client such as someone connecting to your website can establish a secure connection with your server. The data is encrypted over this secure connection, this means it’s scrambled in such a way that it can’t be easily read (otherwise known as cipher-text).

Other terminology of the SSL protocol includes Public Key Certificate or TLS (Transport Layer Security). TLS, just like SSL is a cryptographic protocol but just a newer version. Actually, TLS supersedes SSL as the protocol is now considered as obsolete and insecure.

You can usually find out if a website has a valid SSL/TLS certificate by the padlock icon in the URL bar on your web browser. The HTTP part of the web address would also change to HTTPS, where S = Secure.

SSL Certificate
Note the https:// and the green padlock icon.

2.
So, sounds like a must then?

Yes, I agree. In fact so does Google. Websites that do not have SSL/TLS certificates (HTTPS), could allow web browsers to present the visitor with warnings to highlight the lack of security. Google Chrome usually does this in a full screen window which can make the user think twice before progressing.

Google uses a very complicated set of website ranking algorithms to determine the order of search results that appear on the search page. These algorithms give websites a ‘Score’. Having a HTTPS connection will improve your website score and potentially improve your website rank over other websites. This means secure websites could be ranked higher on a google search page than non-secure websites, potentially improving website visibility as a SSL/TLS certificate is also a factor of trustworthiness.

Today we’d like to announce that we’re adjusting our indexing system to look for more HTTPS pages. Specifically, we’ll start crawling HTTPS equivalents of HTTP pages, even when the former are not linked to from any page. When two URLs from the same domain appear to have the same content but are served over different protocol schemes, we’ll typically choose to index the HTTPS URL.

– Google (https://webmasters.googleblog.com/2015/12/indexing-https-pages-by-default.html)

3.
Can I not have one?

As a typical rule, if you want/need to protect your website data in storage, processing and transmission between a user and server, a SSL/TLS certificate is highly recommended. Examples could include a contact form where a user inputs their email and message, or asking the user for payment details.

“Brochure-style” websites, or self-promoting websites such as a photographer with contact information and portfolio images may not necessarily require a SSL/TLS certificate. Here, there would not be a transfer of personal or ‘important’ data between the client and server with an explicit need for encryption.

An SSL/TLS certificate will:

  • Improve Visitor Trust
  • Improve Search Engine Ranking
  • Appear More Trustworthy
  • Encrypts Server-Client Data
  • Allow Websites To Take Online Payments

4.
How do I get a SSL/TLS Certificate?

There are lots of ways to get that reassuring green padlock on a website. Providers such as GoDaddy will cost around £59.99/yr for a certificate and others can be significantly more.

If you know your coding, you can go through a company called ZeroSSL where you can programmatically allocate the certificate into the the web hosting provider of your website. Doing this for the first time will give you at least 1 FREE 90-day certificate for your own domain. Paid subscription plans provide more certificates to be used for other domain names.

If you are looking for a SSL/TLS Certificate for your website, we provide cheap and flexible plans where all of the hard work is done for you. Take a look!

Looking for a website? We also offer website package starting at just £359. Bespoke mobile-friendly design as standard. Take a look!

Leave a Reply

Your email address will not be published. Required fields are marked *