For those of you who hate anything remotely technical and cringe at the words “Google” and “SSL”, here is a quick overview of the content of this post. Some changes Google have planned for the Chrome browser in January 2017 means any site that doesn’t have an SSL will be marked as insecure – and therefore will appear unsafe to visitors. Shock horror!
Final comment in italics, so we can get into it – this blog post was first published in 2016, but as the content is still relevant, I’m updating now in 2018. Nice!
Some of you might be wondering what an SSL and Google have in common.
Or maybe you’re wondering what an SSL even is? Perhaps you are saying “Eeeek! Leave me alone! I don’t like to talk Google”.
Well my friends hang in there as this is important. So stay with me…grab a coffee (or wine) if need be. I won’t get too technical promise.
First for those who don’t know what “SSL” means, let’s discuss. SSL means “Secure Sockets Layer” – in very simple terms it means data passed to and from your browser to the site is safe and secure. What sort of data? Well if you have an online store then the payments are data. You don’t want a customer to buy a book from your online store and suddenly their credit card details to end up in the wrong hands, right? No – of course not!
Simple as that (well for our purposes). Just know SSL = very good 👍
But why is this important for my website? I don’t have a shop?
Yes I get it, but read on. The SSL can help your website in two ways.
When you sit down and type your search into Google, the little google bots search the web for results to return. Sites with an SSL are seen as “safe”, which gives them bonus points. In theory (and ignoring other factors), if you have an SSL you’ll rank higher than someone who doesn’t for the same keywords. Note I said in theory. It’s a minor factor, but a factor none the less.
Having an SSL also means you appear safer to customers. Having an SSL gives your site credibility and makes you look legit. I know when I’m googling for things and have to make a choice between two sites, I’ll always buy from the one who seems more legit – don’t you? If you’re running a professional business then it makes sense to tick all the boxes.
Ok wait a minute – how do you know if a site has an SSL?
Easy, have a look at the web address in your browser (the below pic shows Chrome, but whatever you open to “go online”, that’s your browser). Take note of the first part – a site with an SSL will be “https” – a site without SSL will be “http”. You will also note on my image below (other browsers are different) there is a little green lock. Naturally, green means good!
Before we move on, please note there are exceptions. I”ve had a few clients who do have an SSL (through their webhost), but it just isn’t set up on their website yet. There are some online tools you can use to check this, but the quickest way is to go into your browser and type “https://” in front of your URL (i.e. https://kristymorton.com). If the site works, then you have an SSL. If you get any error messages, you most likely do not have an SSL.
A sidenote – WordPress and SSL – Insecure Content Issues
For wordpress users, be aware you can have an SSL installed but have “insecure content”. What is that? Basically it means the SSL is installed, but something is compromising the safety it provides (i.e. images or links looking to http, not https). Not good. This can be fixed easily enough and you will be able to get back to lovely green padlock status!
How do you know if this has occured on your site? Simple. The site will load as “https” however the green lock will disappear.
So what do we do now then about this SSL business?
Simple again. Go get one. Yes I know, you want to hear more about some options, right? Ok fair enough.
So what do we do? You have three options:
- Do nothing (zero points)
Take no action and hope for the best. If you have an online store and don’t have an SSL, hopefully the details you’re collecting are secure due to your payment gateway (such as Paypal). Fingers crossed.
- Spend $$$ (points for this one)
Purchase an SSL certificate through your webhost (or another provider). Some companies offer free SSL’s with domain registration, as do some webhosts with hosting. If not you will have to pay a yearly fee to hold one. The cost is between $50 to $100 or more depending on the option you choose.
Certificates can be annoying as you have to renew them each year, but if your host offers them for free take advantage!
- Try Something Free (points + bonus points!)
If you want to be clever and your webhost doesn’t offer free certificates, you could use a “proxy” service such as CloudFlare. This means your site “runs” through CloudFlare first, who provide the SSL, so your site shows over https. Technically, though you are not 100% covered by the SSL…but let’s not go into that here. CloudFlare also offers extra benefits such as speed and security improvements…but again a discussion for another day!
If I’ve totally confused you, here is a to do list:
- If you’re unsure whether you have an SSL, do the little checks I showed above. If you have an SSL, check for insecure content on your website pages. If you don’t have an SSL, move onto step 2.
- Contact your webhost to see what your SSL options are. Hopefully they offer them for free, in which case they can install it on their side and then you will need to do some updates on your side.
- If they don’t offer one for free, you can either buy one or set up something like Cloudflare.
If you run an online business you should be thinking of your website as your business premises. Without an SSL it’s like you’re leaving the door of your shop unlocked and putting a sign on the door saying, “my business should not be trusted”. Not good! Plus, in the future the web will move to an SSL being the standard, so why not get in now and be ready?
Nothing is static when you have a website. Everything is constantly changing. So make sure you give your site some love! Or at least, don’t ignore it. If you’re unsure about your SSL, send me an enquiry and we can chat!
This article has a great, tongue in cheek way of explaining how the browser changes could impact business…
Hey, I’m Kristy
Kristy Morton is a mother, multiple business owner and numbers gal. She runs a web development consultancy, specialising in WordPress websites. Kristy combines her excellent technical knowledge with her ability to translate this into ways that are understandable to the average person, so her clients feel informed and in control of how their websites are developed and managed. She is also the Co-Founder of B Directory where the team is supercharging small business growth.
Despite seeming like an overachiever, Kristy admits to always be chasing the sun, a simple life and one more homemade chocolate.