“Do I need an SSL certificate?”

If you own or manage a website in 2018, then you must have an SSL certificate. It’s as simple as that.

“Why do I need an SSL?”

An SSL (Secure Sockets Layer) certificate is an added security measure for your site. This will ensure that no malicious access will be granted to your WordPress installation and files. In addition, SSL’s serve to boost your search engine ranking as Google penalizes those without one installed.

“What does an SSL do?”

An SSL certificate does several things. Its primary function is to protect your content and data so that it doesn’t fall into the wrong hands. Because your site data is sent from machine to machine when requested, there is a chance that somewhere along the line it will be stolen or copied. If you’re sending private information like passwords or credit card numbers without an SSL, that information will appear unencrypted on several machines before making it to its final destination. With an SSL, this information will be unintelligible until it arrives at the desired server.

An SSL certificate also makes certain that you’re sending your data to the right place. SSLs authenticate web requests, ensuring that your data is not sent to a spoof website along its journey.

Finally, an SSL certificate builds trust. This is not only true for your users, who will feel more comfortable submitting personal data to your site. Google has started pushing internet property owners to install SSL certificates by docking their search engine ranking. Additionally, should you collect data, you’re at risk of having your site deemed “Dangerous” and taken offline by Google bots. I’m not lying, folks. I’ve seen it happen:


“Well, I didn’t have one before and I was fine – what’s changed?”

Until July of 2018, an SSL was largely an optional security feature for websites. Since then, Google has been pushing (bullying is the term that I’d rather use) people to use SSL certificates.

Technically you can still have a site that lacks an SSL. It will display just fine and users won’t notice any change to the page design whether you have one or not. You will, however, be at risk for everything previously detailed.

“How do I know I can trust an SSL?”

You can check the status of a site’s SSL with an online tool. Phony SSLs are not common, but you can never be too careful. After all, that’s why we’re talking about security.

“How can I get an SSL?”

If you’re one of our clients, we would be happy to help you set up your new SSL certificate! Give us a call, or email me directly (Simon@Roundpeg.biz) to begin the conversation.

If you’re tackling this on your own, reach out to your hosting provider. They will issue the certificate for you, but your web developer may still need to shore up some mixed content errors.

“What is going to change with my website?”

You may notice that your web address is going to change from http://mysite.com to https://mysite.com with the installation of an SSL certificate. This can cause those previously mentioned mixed content and display errors. If you’re doing this on your own, try using Really Simple SSL to connect your site with the certificate. Plugins like Velvet Blues help you remedy the http/https discrepancy in your content and media. Having trouble with that mixed content? Try using SSL Insecure Content Fixer. Plugins to the rescue!

 More on this topic: 

Simon and Lorraine spent some time chatting about this topic recently. Listen to the episode now:
Like what you heard? Subscribe now https://roundpeg.podbean.com/