THE ANSWER IS YES IF YOU DO NOT HAVE AN SSL CERTIFICATE
INSTALLED ON YOUR WEBSITE.

SSL Certificate Shield

SSL CERTIFICATES:

WHAT ARE THEY? AND WHY DO I NEED ONE FOR MY WEBSITE?

If you haven’t installed an SSL certificate yet, now is the time. Google has been encouraging website owners to make the switch to HTTPS for quite a while. Starting in July 2018, Google will be displaying a “Not Secure” message in the browser URL field on websites that have not been secured yet:

Treatment of Unsecured Pages - Chrome

In Chrome 68, the omnibox will display “Not secure” for all HTTP pages. – Source: Chromium Blog

SSL Certificate Shield

Although there is no implementation date set yet, Chrome intends to make this messaging stronger over time. This is NOT what you want your customers to see as their first impression of your website.

Eventual treatment of unsecured pages in chrome

Source: Chromium Blog

Hold on… What is SSL?

Without getting too technical, SSL stands for Secure Sockets Layer. If you install an SSL certificate where you host your website, your website URL will start with “https” instead of “http”. This indicates a secure connection between your website and the visitor’s browser. Having a secure connection means that any information submitted on your website is encrypted before it’s sent to your web server so it can’t be hijacked by a third party.

Having a secure connection means that any information submitted on your website is encrypted before it’s sent to your web server so it can’t be hijacked by a third party.

Do I really need SSL?

I DON’T EVEN USE CHROME!

Maybe you don’t use Google Chrome so it doesn’t seem like a big deal to you – but as of April 2018, Chrome users account for 57% of the browser market share and their numbers are growing.

Even if you aren’t concerned about Chrome’s treatment of unsecured sites, privacy is becoming an increasingly important issue. In the past year we’ve seen companies like Facebook, eBay, Sears, Under Armour, Uber and many more all come under fire for data leaks. Even if the only information you collect on your website is contact information, you need to make sure there is no risk to your visitors. There has been a trend in legislation towards tighter regulation of personal data as it becomes clear how easy it is to misuse it.

Google Chrome Logo

Google accounts for 57% of browser market share

With over half of the world using Chrome, you should make sure that your site is secure.

What will happen if I don’t upgrade to SSL?

Higher Bounce Rates

Chrome users will see the warning that your site is insecure, and click back on their browser right away. This may cause a higher than normal bounce rate. A bounce rate is the percentage of visitors to your website who leave after viewing only one page for a short amount of time. A high bounce rate can contribute to lower search engine rankings because Google assumes the content on your page is not useful for the keyword being searched if a customer leaves your page quickly.

Lower Search Engine Rank

Your search engine ranking may drop slightly as Google will give secure websites preference in search results. This doesn’t mean that unsecured websites will fall to the bottom of the search results, but secured websites with similar ranking and authority will be shown before unsecured websites.

Low Trust Factor

Even if you don’t have an e-commerce website, if you are promoting a business or service and your website shows warnings that it’s not secure, you aren’t inspiring confidence in your brand. You may lose out on potential sales or leads without even realizing it.

Risking Customer Privacy

When you send unencrypted customer data back and forth between your website and the server, you have no way to protect your customer’s privacy. Depending on the type of data you collect, this could have major implications.

How much does an SSL certificate cost?

Cost can vary depending on the type of certificate you need and where you buy it from. The price can range from $4 a year to thousands of dollars for multi-domain and email server certificates. Some hosting providers include the cost in their hosting packages. The majority of people should be able to secure their website servers for under $100/yr.

Here are the three basic types of certificates that you can purchase:

Domain Validation (DV)

DV certificates confirm that the web pages are being served from the expected domain. There is no verification of the website owner, but the certificate verifies that they own the domain hosting the website. These can be issued within minutes and are generally under $10/year from discount providers. While not ideal for e-commerce websites, this type of certificate provides encryption suitable for basic websites.

Organization Validation (OV)

Before an OV certificate is issued, company credentials and website ownership are verified.This can take 1-3 days but provides customers with a higher level of trust. This is the type of certificate that would be suitable for most e-commerce websites.

Extended Validation (EV)

This type of certificate involves extensive verification of company credentials and can go so far as to check into bank accounts and business license registrations. An EV certificate signals the highest level of trust and when installed on your website your company name will appear in green before the web address in the browser. This is the type of certificate typically held by financial companies and other websites dealing with highly sensitive customer data. It can take 2-7 days to complete validation.

How do I install an SSL certificate?

Once you have purchased the right certificate, you can ask your website hosting company to install the certificate for you. This might be a service provided at an additional fee depending on your hosting package. You may also wish to ask your favourite agency (like Excentric) to do this for you.

Unfortunately, it’s not as simple as that. After your certificate has been installed, you will still see a warning that the site is not secure in your browser. To fix this, you will need to convert every link in the code of your website to every internal page, image, script and resource file to use http instead of https. Once complete, you will need to setup proper 301 redirects to indicate the new permanent URL of your website to Google and other web crawlers.

Ready to make your website secure?

WE MAKE HTTPS CONVERSION EASY!

Buy the certificate and leave the hard work to us. Use the contact form below to get a free quote.

    posted by Kristy Smith , TECHNICAL DIRECTOR

    Sorry, the comment form is closed at this time.