In the past, websites that primarily sold products had SSL (Secure Socket Layer) certificates. These certificates gave online visitors peace of mind that their credit card and personal information could not be intercepted by third parties. With a growing emphasis on improved security on the web, SSL Certificates are becoming standard practice.
HTTP vs. HTTPS
HTTP stands for Hypertext Transfer Protocol. HTTP is the method used to (protocol) transfer information (data) from a web server to your web browser (Chrome, Firefox or Safari, for example) so you can view web pages.
HTTPS is just like HTTP but in this case, the transfer of information is “secure”—that’s what the ‘s’ stands for—secure. When you add an SSL Certificate to your website, you protect the information your site visitors share with you—through encryption.
Why You Should Enable HTTPS for Your SiteAdd an SSL certificate to your site for security & search #SEO #HTTPS #GoogleClick To Tweet
As Google said in a post back in 2014:
… we’re also working to make the Internet safer more broadly. A big part of that is making sure that websites people access from Google are secure … Over recent months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal …
So by enabling HTTPS for your site, you’ll improve your ranking in Google Search and make your WordPress website more secure.
Several Browsers Indicate Sites With(out) HTTPS
Recently browsers made it more obvious if a site had an SSL Certificate.
- Chrome: Uses the word “Secure” with a lock in green in the address bar
- Firefox: Displays a green lock
- Safari: Displays the lock (not necessarily in green) or the URL in green
In all browsers, if your cursor is in the address bar, you will see the https://yourdomain.com, in case you’re still unsure.
Introducing Let’s Encrypt SSL Certificate
Let’s Encrypt is a free, automated, and open certificate authority, run for the public’s benefit. Let’s Encrypt offers this free service to “create a more secure and privacy-respecting Web.” Let’s Encrypt Certificate are also fully-automated. This means that once you have configured your site’s certificate, most hosting companies will auto-renew them for you.
Some of our favourite hosts support Let’s Encrypt—making it easy for website owners to offer added security to their websites.
- If you’re with WP Engine, they have a great walkthrough in the User Portal so you can add a free Let’s Encrypt SSL Certificate.
- Flywheel also offers Let’s Encrypt through their Simple SSL. If Flywheel is your host, you can follow their instructions here.
Check if your hosting provider supports Let’s Encrypt.
Get Your SSL Certificate
We highly recommend that you install an SSL Certificate for your website. Why?
- Google will return the love if you get an SSL Certificate. You may enjoy better rankings. In the least, your site will not be punished for the absence of HTTPS.
- You site visitors may also return the love through better conversions. Better site security will provide additional comfort to your website visitors. This may improve site conversions—whether that’s a purchase, an email sign up or a subscription.
- Thanks to Let’s Encrypt, SSL Certificates can be free through your host. Check to find out.
- An SSL certificate adds another layer of security for your WordPress admin dashboard. SSL prevents hackers from spoofing your username and password at login.
Back to you: Have you added an SSL Certificate to your site? Have you seen improvements as a result? Leave us a comment and let us know.