This article will cover SSL, what it is, how it works, and why it is important for your blog to be using it in 2018 and beyond.
What is SSL?
SSL, Standing for Secure Sockets Layer, is a cryptographic protocol that is used to secure communication over the internet by securing the channel between the 2 devices (your PC and the server hosting the website) to ensure that no third part can snoop on the session, which is something that can be done by hackers on websites that are not secured with SSL.
You can tell a website is secure with SSL by simply looking at the URL, if it has a lock icon and the URL includes “https” then it is secured with SSL, if not, then the site is insecure and people can snoop on the session.
Why Do I Need It?
As a website owner, there are many reasons you could need SSL on your website, with some reasons being more important than others, but all being valid in their own way.
Traffic over SSL is completely secure, meaning any logins, comments, or payment details input are fully secure.
As a blog owner, SSL ensures that logging into the back end of your site, such as WP admin, will be secured, if not, someone could steal the packet containing your password and use it to log into your WordPress account without your consent. It also allows for contact form submissions and blog comments to be secured also.
If your website has user logins, then SSL ensures that the users username, email and password are secured when logging in, stopping people with access to their network from stealing their login packet.
A website that handles online payments or sells products will absolutely need an SSL certificate, as if not, someone could steal the clients payment details and use it to make payments without their consent, which if due to your website and lack of due diligence, can get you some massive fines and in trouble with the law.
Search engines are a great way of getting traffic, and when basic optimisation of your website is simple enough to do with plugins such as All in One SEO to help do most of the work, and gives the possibility to rank for low competition keywords and drive traffic that way, for free, it is 100% worth looking into and trying.
Google considers SSL as a ranking factor on your site, so SSL is an easy, and quick win that could help to improve your organic visibility on search engines.
Where Can I Get It?
That depends on your host and the level of control you have on your hosting and the level of honesty with your web host. SSL can cost depending on the certificate, but Lets Encrypt by EFF offers a completely free SSL certificate for your site that will fully secure it against hackers.
If you run a VPS or any form of server where you rent the hardware and have root SSH access, then you can use Certbot to get SSL up and running within 5 minutes to an hour, depending on operating system, level of access and comfort doing this like this.
For shared hosting, you are at the mercy of the website host, if the site runs cPanel, there is a possibility that the lets encrypt plugin is installed, meaning easy setup of Lets Encrypt on your website. You can also open a ticket with your web host and ask, or have a look to see if your hosting provider is one of the hosts that lets encrypt say they support.
You can also view the Getting Started section to see other ways of getting Lets Encrypt running on your website.
Alternatively, depending on the level of hassle you can be bothered with, you could always just buy an SSL certificate from the web host, they normally cost anywhere from £10 – £100 a year.
Making WordPress Run Over SSL
Getting WordPress to run over SSL is fairly simple, the WP admin backend will automatically be ran over SSL if a certificate is found, but to make the rest of your site run over SSL, you need go go Settings > General > Site Address (URL)/WordPress Address (URL) and add an “s” to the URL to make it run over SSL. Then check through your site and see if all is well.
Sometimes, depending on how the site is built or the WP theme/plugins in use, the site will have some pages that aren’t fully running over SSL, ie an image is loading over http or something like that. This can be fixed fairly easily with really simple ssl, which allows you to press one button once the plugin is installed to fix all of these sort of issues.
For virtually every site, having SSL is necessary, or at least highly advisable, with it offering many benefits from enhanced security to improved rankings. For many people, there is no reason not to use SSL, as thanks to things like Lets Encrypt, there is no additional cost or risk associated, meaning all benefits and no drawbacks!
Do you have any questions or comments regarding the use of SSL? Then feel free to comment them below!