You certainly have seen several websites with https in their link. In such website you see a padlock symbol followed by ‘Secure’ in the address bar of your web browser. These are actually the websites secured with SSL certificate. What actually is SSL? How does it make your website secure? Should I protect my WordPress website with SSL certificate? These are the questions that we’re going to deal in this article.
What is SSL?
SSL is the standard security technology to establish encrypted data exchange between web server and web browser. SSL stands for Secure Sockets Layer. It ensures that data being shared between web server and a browser is private and integral. It has been used by millions of websites to keep their online transaction and data transfer highly secure. Even our website also uses SSL.
If your website is secured by SSL, browsers make request to your server with https link rather than http. On the first request, your web server replies with your SSL certificate. Browser checks the certificate and verifies if it can trust it. It checks if the certification authority can be trusted and if your certificate hasn’t expired. If it cannot trust the certificate (generally happens in case of self-signed certificate) and if the certificate has expired, it warns the viewer about the security risks and recommends not to use the website. When browser finds it trustworthy, it then requests the web server for more data of the page. On receiving such request, web server starts sending the encrypted data. Your browser decrypts it with public key and then displays it to you. Your browser also encrypts the data when it sends it to sever. This way secure exchange of data then continues in the session.
Why should I use SSL certificate on my WordPress website?
There are primarily two major reasons for which you’d like to use SSL certificate on your WordPress website: data security and SEO benefit.
Data security by SSL certificate
Data security first and the foremost importance of using secured connection. If your WordPress website is online shopping site, or have to do data exchange of sensitive data like credit card details or even if privacy of data being exchanged is very important, in that case you must use SSL certificate in your website. If you use SSL certificate, your customers can trust you. Else, they wouldn’t use your service.
You may have seen https links in all email services like gmail, yahoo, etc. It’s all for data privacy. With SSL certificate, we can be ensured that emails that we received isn’t tampered and stolen anywhere in between server and browser. If somebody tries to steal data, what they get is highly encrypted data which is of no use to them.
SEO benefit on https website
Google has announced that if is providing ranking benefit to https website secured by SSL certificate. If two pages have similar SEO weightage, Google will now show the page protected with SSL certificate before the one with http link. It is certainly big boost as you’re going to beat your non-https competitors easily without doing anything special. In my personal experience, I’ve seen the links of websites with https links more often in first page of google search. So, I’m sure that they are getting some SEO benefit just for having SSL certificate in their website.
Protecting your website with SSL certificate is always the good idea. But, while moving to https, you need to be clear about the complexities as well. First of all, most of the certification authorities charge you for SSL certificate. Certificates have expiry date. So, you need to ensure that your website’s SSL certificate hasn’t expired. If it’s going to expire, you need to update it immediately. In addition to that, you need to understand that your website will be slightly slow (if well-managed it will be of few milliseconds only) when you use SSL certificate.
We’ll be discussing more about WordPress website security in upcoming articles as well. So, keep following WPCounsel.