We get a lot of support questions about “SSL” and most people are confused about the same things. You may be wondering whether to add an SSL certificate to your site. Maybe you’ve just added an e-commerce section to your website, or you’ve heard that it’s “the way of the future.” Adding an SSL certificate does add a layer of security to your website, but what is it and how does it help? Let’s go over some basics about SSL certificates and why you might want one for your website.
What is SSL?
SSL stands for Secure Sockets Layers, and is a security protocol that establishes encryption between a website and a browser. In other words, SSL allows a browser and a website to talk without anyone else listening in. The two primary technical goals of SSL are encryption and authentication. Encryption hides sensitive data from public view, and authentication confirms to the outside world that you are who you say you are and not an imposter.
When you install an SSL certificate on your website, you’re essentially setting up a private connection, protected from eavesdropping, for your users to send or receive sensitive data on your website. That sensitive data can range from your users sending you their email address when they sign up for your newsletter to credit card information for an online purchase. The encryption part of SSL protects that transfer of information.
With the authentication part, your users will see confirmation from a trusted third party you actually own your domain. This is displayed in the form of a green lock in the browser next to your website’s URL, and your URL will include an “https” in it.
Both of these aspects of SSL can give your visitors confidence that the information they share on your website is safe.
What are some other benefits of having an SSL certificate on my site?
Because your SSL certificate provides encryption and authentication for your website, it also protects user data and provides a layer of protection against identity theft. In addition, if you’re running credit card transactions on your website, you must be compliant with Payment Card Industry (PCI) Data Security Standards. One of the primary requirements of PCI compliance is that your site actively uses an SSL certificate and is served on compliant web hosting. (We can help you get set up with PCI-compliant web hosting, too!).
Even if you’re not handling sensitive data or credit cards, SSL is still a good idea because it protects the privacy of the specific pages users visit, or any comments they post. That’s just good manners.
Is there any downtime or disadvantages with installing an SSL certificate on my site?
There’s no real downtime for your website when we install your SSL certificate. One very small disadvantage is that the encryption, especially at the beginning of the connection (loading your site), takes a smidge longer to serve a webpage. That is usually on the order of around 200 milliseconds, and the tradeoff in having the protection an SSL certificate provides is well worth it.
Agathon Group offers three main types of SSL certificates: 1) the Basic certificate provides an excellent starting point for our bloggers and costs $99 per year; 2) the “Green bar” (or “Extended Validation” or “EV”) certificate allows you to have your full organization name beside the green lock in browsers, and costs $199 per year; and 3) the Wildcard certificate allows you to secure as many services as you have running on the same domain (e.g., mail.example.com, www.example.com, store.example.com, etc.) and costs $399 per year.
There are other SSL providers out there, of course; if you purchased your SSL certificate from one of them, we’ll need to get some more information from you to move it over to our hosting environment. Contact support and we’ll help get that set up! If you are interested in purchasing an SSL certificate from us at Agathon Group, visit the Add-ons section of the Help Center to login or create an account, and purchase your certificate of choice. We’ll handle the install of any of our SSL certificates for free!
What do I need to do after having my SSL certificate installed?
You will want to update the Site URL from your WordPress Admin dashboard, under Settings → General, and ask your web developer to set up 301 redirects for you old URL to prevent external links to your posts pre-SSL from breaking. If you purchased from us, we’ll handle this part for you.
Bonus: Improved Search Rankings!
From Google’s own mouth, using SSL across your site can help boost your position in search results. Granted, it’s far less important than writing high quality content that people want to share, but every little bit helps!