Secure Sockets Layer, also known as SSL, is a security technology that provides encryption between a client and a webserver. To understand this a bit more simply, a “client” is a web browser like Chrome or Safari, and a “webserver” is your website or online store.
An easy way to tell if the website you are visiting has an SSL certificate installed is to look in your browser’s address bar to see if the URL starts with HTTP or HTTPS. If the URL begins with an HTTPS, you are safely browsing on a site using SSL.
In this post, we are going to explain what SSL is and why it is a must-have for your WordPress website in 2020.
Why Is SSL So Important?
Not having an SSL certificate in 2020 is expensive. Why? If you don’t have SSL enabled on your website, it will be harder for potential customers to discover your existence and those who do find your site may be scared away from giving you any money.
Anytime we make an online purchase, there is communication that happens between your browser and the online shop. For example, when we enter our credit card number into our browser, our browser will share the number with the online store. After the store receives the payment, it then tells your browser to let you know that your purchase was successful.
One thing to keep in mind about the information shared between our browser and the store’s server is that the information makes several stops in the transit. SSL provides encryption to the communication to ensure that our credit card isn’t seen until it reaches the final destination of the store’s server.
To better understand how encryption works, think about how our purchases get delivered. If you’ve ever tracked the delivery status of an online purchase, you would have seen that your order made several stops before arriving at your home. If the seller didn’t properly package your purchase, it would be easy for people to see what you purchased.
SSL is a crucial tool in preventing bad guys from intercepting sensitive information like passwords and credit card numbers that are shared between the client and webserver.
Why is an SSL Certificate a Must-Have for Every Website?
The security benefits you gain from having an SSL certificate on your website is enough to make it a must-have for any website. However, to encourage everyone to protect their site visitors, web browsers and search engines have created negative incentives to encourage everyone to use SSL. In this section, we will cover the costly consequences of not enabling SSL on your website.
1. Not Having SSL Enabled Will Hurt Your SEO Rankings
Search Engine Optimization or SEO is the process of optimizing your website to be discovered organically through search engine result pages. The benefit of SEO is that it is an excellent way for you to increase the organic and unpaid traffic to your site. If you sell a bread baking course, you want your website to be on the first page of results for someone searching Google, or Duck Duck Go for a bread baking course.
Without SSL enabled on your site, search engines will penalize you and downgrade your rankings. One of the metrics Google uses to rank websites in their search results is trustworthiness. It is Google’s best interest not to send its users to unsafe websites, so trustworthiness is heavily weighted in their ranking algorithm. With SSL adding so much security, it is a significant part of how Google scores a website’s trustworthiness.
Moving your site from HTTP to HTTPS by adding an SSL certificate is one of the easiest methods of increasing your website’s Search Engine Optimization.
2. Browsers Mark Non-SSL Sites as Not-Secure
Another way not having SSL enabled on will cost you is that your visitor’s browser will warn them that your site is not secure. As we mentioned earlier, after you install an SSL certificate on your website, your site’s URL will change form http://yourwebsite.com to https://yourwebsite/com. Chrome, for example, will mark HTTPS-encrypted webpages as secure with a locked padlock. Alternatively, Chrome will replace the locked padlock for all HTTP-non encrypted webpages with the text
I won’t shop on websites that are marked as insecure by my browser, and I am not the only one who won’t. According to a study by GlobalSign, 85% of online shoppers avoid unsecured websites. Keep in mind, that in 2020 it is vital to have all of your sites using HTTPS and not just your login and checkout pages. A potential customer may not make it to a secure checkout if the store pages are marked as Not Secure by their web browser.
3. You Can Lose Potential Customers
Protecting your customers is the essential reason to enable SSL on your website. If they are willing to entrust you with their business, the least you can do is reward that trust by protecting them with the power of encryption.
If a hacker can steal your customer’s credit card details due to the lack of encryption on your website, you will not only lose their trust, but you will lose any of their future business.
How Can I Tell If My Website Has SSL Enabled?
An easy way to tell if your website has an SSL certificate installed is to look in your browser’s address bar to see if the URL starts with HTTP or HTTPS. If the URL begins with an HTTPS, your website is secured with SSL.
You can also use an SSL checker like SSL Labs. An SSL checker will scan your site for an SSL certificate and will let you know when your SSL certificate is set to expire.
How Can I Install an SSL Certificate on My WordPress Website?
If your WordPress website is lacking SSL, the first thing you should do is to ask your hosting provider to see if they provide a free SSL certificate and configuration. In 2020, most hosting companies include SSL in their hosting packages. For example, iThemes Hosting provides and manages SSL for every website.
If your host doesn’t provide you with a free SSL certificate, don’t worry, there are still plenty of other options.
Cloudflare offers a free shared SSL certificate for WordPress websites. If you would prefer not to have a shared SSL certificate and you are comfortable with the command line, CertBot is an excellent option. Certbot not only creates a free SSL certificate using Let’s Encrypt for you, but it will also automatically manage the renewal of the certificate for you.
Wrapping Up: SSL For 2020
Having SSL enabled on your WordPress website is a must in 2020. SSL secures the communication between you and your customers, improves your SEO, and gives your site’s visitors the comfort that they are safe while browsing your website.