HTTPS - SSL for Websites

SSL or Secure Sockets Layer certificates protect your information from being intercepted by hackers as it is transmitted from your browser to server. More entrepreneurs are migrating their businesses from traditional brick-and-mortar to the Internet. This leads to more online transactions which involve confidential data being transferred between two parties.

But there is a third party lurking in the Internet. One with malicious intent. These unscrupulous groups or individuals are the hackers and they will stop at nothing to steal what you have for their own selfish gain.

Having an SSL certificate will help foil their diabolical plans, protect your customers and enhance the security and integrity of your e-commerce website. These certificates are not expensive to secure and are easy to install and manage. Best of all, they will give you peace of mind that you; and not the bad guys, will reap the fruits of your labor.

The Lure of the Internet and Why You Need SSL Now More Than Ever

In the United States alone, e-commerce generated revenues of $394.86 Billion in 2016. This amount represented 42% growth of the total retail industry for the year. By comparison, global sales of e-commerce in 2016 totaled $1.859 Trillion and is projected to hit $4.479 Trillion by 2021.

An online business is easier to manage while giving you access to a population of billions who scour the Internet everyday for information and the best deals. But these websites are also under constant attack from unethical groups or individuals who want to take what you have worked hard for.

Hackers are well aware of the huge growth potential of Internet- based businesses over the next few years. Unfortunately the vast market of opportunities offered by the Internet for you to grow your business also increases your level of vulnerability from malicious attacks.

Your website can be compromised in many different ways. It is not just identity theft or loss of data you should worry about. Hackers can upload inappropriate content on your website and destroy your online reputation.

And some of them do it for fun. They don’t get paid. Think of it as earning their “Internet Cred” or building their own hacking reputation at your expense.

Getting SSL Certificates is No Longer a Choice

We wrote about SSL in an earlier article, “SSL: What It Is And Why Your Business Needs It”. But we believe there is more ground to cover regarding SSL. We also want to stress the urgency for online businesses, especially those involved in e-commerce, to secure SSL certificates.

In fact, getting SSL certificates for your website is no longer a choice.

You should get them to protect your website from being attacked because the hackers will not stop until they have taken what you already have.

If you want to learn about the economic cost of hacking to your business and the frequency of these attacks, you can refer to our article, “How to Protect Your Website from Hackers”.

No surprise that getting SSL certificates is listed as one of the most important courses of action.

But securing your website is not the only benefit from procuring SSL. As you will find out later in this article, these certificates can also give your website a boost in the search rankings!

 What is SSL?

Earlier we gave our definition of SSL. However to get a better understanding of these certificates, what they can do and the entire encryption process, let’s look at the textbook definition of SSL:

SSL is the standard security technology for creating an encrypted link between a web server and a browser which ensures that all data passed between the web server and browser remain private.

The best way to understand the definition is to break down the process of transmitting data from browser to web server:

  • You click on a link of special interest and end up on a web page with a form that requires you to provide information. Depending on the type of form, the required information could include your address, phone number, Social Security Number, Driver’s License or birth date.
  • Once you click “Send”, the information is transmitted from your browser to the web server. It is during this process of transmission that the information can be intercepted by hackers. How?
  • The most common method is for the hacker to upload a “listening program” on the server that is hosting the website.
  • When you start typing in the information, the listening program will capture the data and send it to the hacker.

How does having SSL Certificates prevent your information from being intercepted by hackers?

With the SSL, your browser will form a connection with the web server. It will identify the data on the certificates and once confirmed, will establish a powerful link with the web server so that no one else will be able to see the information.

How can you tell that a website has SSL certificates? There are two ways to determine if a website has been secured with SSL:

  1. The URL indicates “https://” instead of “http://”. The “s” is the difference.
  2. Depending on your browser, you will see a padlock icon on the left or right hand side of the URL.

Is it still possible for a website to be unsecured even if the URL has either of these two indicators?

Yes if the certificates are invalid or expired!

If a website keeps asking for confidential information, it would be a good idea to check if the certificates are still valid:

  • If you are using Chrome, go to view > Developer’s Tools
  • Navigate the security tab to find out if the SSL Certificates are still valid.

In a future article we will discuss why it is absolutely important to keep track of the validity period of your SSL Certificates. Many businesses; large corporations included, had their systems and databases compromised because they did not manage their certificates responsibly.

Will Having SSL Improve Your Search Rankings?

In 2014, Google announced that it would include SSL as a factor in its search ranking algorithm. The search ranking giant said that between two websites the one with SSL will outrank the one without.

Google’s purpose for including SSL was to encourage website owners to prioritize security for their customers by getting  the certificates.

A study by HubSpot showed that 85% of Internet users will abandon the search if the site is not secured. Google’s research in January 2017 had similar results for websites that required users to disclose confidential information. You may have come across websites that carry the “not secure” warning. Chances are it made you forego exploring the site any further.

Google will be introducing version 62 of its Chrome browser. It will advise Internet users if the page they land on has forms but is not secured by SSL certificates.

For Internet users that go on incognito mode, Chrome will always identify websites that are not secured by SSL. For those that don’t go incognito, Chrome will reveal that the site is not secured once the user starts typing information onto the form.

Since Chrome is the dominant browser on the Internet, version 62 will definitely have an impact on the search rankings of e-commerce and other websites that integrate forms in their pages.

How to Get SSL Certificates For Your Website

Google has provided the following guidelines on how to get SSL Certificates for your website:

  • Identify the kind of certificate you need: Single, multi-domain or wildcard.
  • Choose 2048-bit key certificates.
  • Choose relative URLs for resources that reside on the same secure domain.
  • Use protocol relative URLs for all other domains.
  • Don’t prevent robots.txt from crawling your website.
  • Enable search engines to index your web pages whenever possible.
  • Do not use the noindex robots meta tag.

If this all seems confusing to you, just leave it to us to help you secure your SSL Certificates.

It is always a good idea to have professional webmasters handle the technical aspects of your website. Plus these certificates have an expiration period of one year. As previously mentioned, if your certificates expire, your website will be left unsecured.

We will make sure your SSL Certificates are managed and updated as necessary. As you will find out in a forthcoming article, websites that are covered by SSL are facing a new kind of threat. It is no longer just enough to simply have the certificates. You must manage them responsibly.

We hope that you enjoyed reading this article as much as we did writing it. Website security is more important today than ever before as hackers are getting aggressive with their methods.

If you want to learn more about SSL and how to get the certificates for your website, please do not hesitate to give us a call or an email.