Don’t have an SSL certificate for your site? Google and other browsers will report your website as insecure!
We already use the internet for everything. From sales to purchases. With this dominant trend, online security has become a necessity. Undoubtedly, Google loves its users and therefore invents all possible ways to make us feel safe here on the Internet. With a message on its security blog, Google announced that it will signal the entire unencrypted Internet by the end of 2017. The ditch is already a fact that you may have noticed in your browser. If you visit a website that doesn’t have an SSL certificate, you’ve probably noticed this in your browser:
What is HTTPS
HTTPS (Hypertext Transfer Protocol Secure) is an Internet communication protocol that protects the integrity and confidentiality of data between a user’s computer and the site he is visiting. Users expect a secure and personal online experience when using a website.
Data sent over HTTPS is protected by the Transport Layer Protection Protocol (TLS), which provides three key layers of protection:
- Encryption – encrypt the exchanged data to protect the connection from eavesdropping. This means that while a user is browsing a website with a valid SSL certificate, no one can “listen to” their conversations, track their activities on different pages or steal the information entered in different forms.
- Data integrity – The data cannot be modified or damaged during the transfer, intentionally or otherwise, without being discovered.
- Authentication – proves that your users are communicating with the intended website. This protects against “middle-down” attacks and builds consumer confidence, which translates into other business benefits.
Why would Google and other browsers mark pages without an SSL certificate as insecure?
Studies show that users do not perceive the lack of a “secure” icon as a warning, but also that users remain blind to warnings that appear too often. Off Google Chrome’s 56, HTTP pages with password fields or credit card forms are marked as “insecure” due to their particularly sensitive nature. The same thing happens with Mozilla Firefox from version 51. And from version 68 of Chrome, all pages without an SSL certificate, regardless of their content, are marked as insecure.
What do I get if my page has an SSL certificate?
- You build trust in site visitors
Ensuring that you have a secure website will make it more reliable. Instead of the message “not secure” next to your URL, there will be a lock symbol indicating that the connection is secure.
- You get credibility from search engines
It is not only will you develop trust in the people who visit the site, but your ranking on Google will also be better. Fixing the issue “your connection is insecure” is a great way to increase your SEO rank.
- You ensure safety for you and the site visitors
Did you know that hackers attack websites on the Internet on average once every 39 seconds? The SSL certificate provides an invisible barrier that prevents these individuals from accessing your information and your customers’ personal information.
- You are experiencing higher conversions
The lack of security on your website can cause most people to leave the page before even seeing what you have to offer. You can avoid this loss of income by making sure you have everything right.
- You avoid repairs due to reduced security
It is much more expensive to repair a website or remove viruses from it than to protect it in advance. Take the extra step to add security to your site before it’s too late and you’re in a situation to clean up the mess of viruses left by hackers.
How do I know if the site is the one it is pretending to be?
The SSL certificate, in addition to encrypting the connection between the user and the site, also shows them that the site they have visited is exactly what it is. This can be checked very easily with a few mouse clicks. For example, if you visit a site with an invalid certificate and click the padlock before the URL, you’ll see the following warning:
Trusted certificates can only be issued by Certified Authority (CA) institutions. The list of these institutions is predefined in each browser, and when you visit a page, the issuer of the SSL certificate is checked with those on the list. A page with a valid certificate, such as blacktieshost.com, in Google Chrome, will look like this:
And if you click on the padlock in front of the URL and then on the certificate, you will be able to see detailed information about it: by whom it was issued, to whom it was issued, until when it is valid, etc.
While some time ago obtaining such a certificate cost time to fill out various forms, and not a small amount, thanks to the government organization Let’s Encrypt, now everyone can get a certificate for their site quickly, easily and for free. This feature is also built into our hosting control panel, and for each of our hosting plans such a certificate can be obtained with a click of the mouse, and then we take care of its automatic renewal when it expires. How to get your Let’s Encrypt SSL certificate with our hosting is described in more detail here.