HTTPS & SSL

Journal

SSL? HTTPS? The Union guide to what it is and why you need it for your website

It may feel like Google has developed a touch of paranoia over the last year, with a focus on internet security and restriction of search results for unencrypted websites. Their justification, however, is sound and aims to protect us all while we are online.

To get to the point, if your company has a website, it is critical to implement an SSL certificate on the site - without one, your website visitors will have their browsing experience interrupted with a scary warning that their connection to your site is not secure. Whilst the savvy web user will navigate past this warning without much worry, for the majority of web users, the warning will be enough to find them hitting the back button - and off to your competitors secure website.

As if the immediate warning wasn't enough, Google will also penalise unsecure websites in search engine rankings - regardless of your current rankings or pay per click advertising. Higher rankings will be given to those sites who have implements SSL certificates and offer a secure environment for website users.

Google announced earlier this year that all unencrypted sites will be flagged by the end of 2017.

This means if your website doesn’t have an SSL certificate, it will display as ‘Not Secure’ in the URL bar.

What is SSL?

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.If you don’t have the SSL certificate, a secure connection cannot be established and your company information will not be digitally connected to a cryptographic key.

An SSL Certificate has following information:

  • Name of the holder
  • Serial number and expiration date
  • Copy of the certificate holder’s public key
  • Digital Signature of the certificate-issuing authority

So, what should you do about it?

There are various options out there for implementing an SSL certificate on your website, and we can talk you through the most suitable for your business, and take care of the purchase, set up and management of the SSL certificate.

There are a number of steps involved:

  • Purchase SSL certificate and setup relevant credentials
  • Install on your domain(s) - if you use both http://www.example.com and http://example.com you would need two SSL certificates or a multi-site certificate
  • Reconfigure your domain/server settings to force use of https:// instead of http:// (https:// shows that your site has a valid SSL certificate installed)
  • Test and check for mixed content - if your site uses external images/links/iframes/plugins that are not served from a site with their own SSL certificate, your site may still be flagged as insecure - our checks ensure any mixed content is taken care of, giving your site visitors the green light to safe browsing.

If you'd like to discuss implementing an SSL certificate on your website/websites, please email tom@thisisunion.com, we can talk you through the process and take the stress out of online security.

#
It may feel like Google has developed a touch of paranoia over the last year, with a focus on internet security and restriction of search results for… Read more >
#
Don’t be THAT client that waits until it’s too late. Be the smarter ones who understand that it’s an all year long game, and give your agency a fighting chance… Read more >