Why Your Website Needs an SSL

By March 12, 2017blog

And Which SSL to Choose? It’s a Trust Thing

Website SSL Certificates and Google SEOWebsite security may not be atop your priority list, but it should be. There are great resources out there that make securing your site easier than you think. Plus, there’s a little added incentive to do so that is good for your site in a different way. Starting with the basics:

What is an SSL? HTTPS Websites?

SSL stands for Secure Socket Layer also known as a Digital Certificate or SSL Certificate. It creates a secure connection between the website a user is visiting and the browser they’re using. Once installed correctly, a protected website will display “https” (as opposed to “http”) and usually a grey or green lock icon. What is HTTPS you ask? HyperText Transfer Protocol Secure. More trusted SSL versions, such as Extended Validation (EV), will display the full company name in green as a higher level of trusted backing. See here:

Guide to Website SSL Secure Web Development

Why Do I Need an SSL? Google. That’s why.

In previous times, most agencies and web developers would recommend an SSL mostly to E-commerce or Membership websites who accept private and/or payment information as an added layer of security. However, in the the summer of 2014, an official Google blog was released letting the world know that they had started using Secure Socket Layers as a ranking factor. Google included that they would be introducing the importance of SSL over time, making the switch to secure connection more and more important. They stated, “But over time, we may decide to strengthen it, because we’d like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the web.” Websites that add SSL certificates can see an immediate bump in their Google rankings. And let’s face it. Google rankings are important to the success of your business.

Be sure you or your web developer know how to properly set up your SSL so that you’re getting full use and validation from it.

  • Be sure that the elements used on your site’s pages are also secure (fonts, externally sourced images, javascript, supplementary css files, etc.). Otherwise, you may wonder why you’re not seeing the complete green lock icon in the URL bar of your site.
  • Confirm that you use relative paths as links throughout your site.
  • Ensure that you have the proper site-wide, or sub-directory, redirects to the SSL version of your website’s URL. E.g. all http requests should redirect to https.
website security and web development raleigh nc

What Type of SSL Do I Need?

There are three main types of Secure Socket Layers available, and they range from $10 per year to over $650 per year depending on from whom you buy them. The difference? Trust factor.

Domain Validated (DV) Certificate (~$10 / year*) – These are the cheapest versions of SSL available and are usually the fastest to install. These providers of DV certificates have validated that the purchaser owns, or has admin access to, the hosting server of that domain to install the CSR (Certificate Signing Request). However, there has usually been zero effort to validate if the business behind the website is legitimate. In the end, this certainly adds website security and is better than not having one at all, although more can be done to validate that the business actually is who they say they are.

Organization Validated (OV) Certificates (~$100 / year*) – This mid-range SSL picks up where the DV leaves off. OV Certificates are strictly authenticated by actual humans using data found on government records. In order to be approved for an OV certificate, the company usually has to provide documents and will be contacted directly by the issuing agent for some personal vetting. This certificate conforms to the X.509 RFC standards, and is ideal for a commercial, public-facing website.

Extended Validation (EV) Certificates (~$250-$650 / year*) – This top-of-the-line SSL Certificate provides the absolute highest trust factor to customers/viewers. It includes the full name, in green, of the validated organization in the URL bar. The EV certificate is the hardest for hackers/fake businesses to impersonate, as the Green Bar cannot be triggered without a trusted EV certificate. EV Certificates require much stricter vetting and the requirements follow that of the Guidelines for Extended Validation.
* Prices are estimated to be an average costs among several SSL providers. Additional source: Symantec

See Why Our Process Works So Well

Learn about other facets of marketing and how we roll.

2017 Web Design Process