Secure Socket Layer (SSL) is a form of encrypted networking that performs data authentication and encryption directly with your internet connection. An SSL provides a secure connection between 2 clients, usually a website and its visitor by encrypting the connection completely. In 2020, SSL has become basically mandatory for websites due to the push by major browsers such as Google Chrome and Mozilla Firefox – both of which now show warnings to users who try use sites not secured by SSL. According to Google’s Transparency Report over 90% of all websites globally use a SSL certificate with the number growing almost 10% every year since 2016.
What is an SSL certificate?
An SSL certificate is a certificate issued by a certification authority that allows your website to use an encrypted connection through an SSL certificate that is issued through them.
Using a reputable certificate authority is paramount, as some authorities will not be recognized by major browsers. At Asura Hosting, we use certificates issued by Comodo, cPanel and Lets Encrypt, all of which are recognized by all major browsers.
There are 3 main types of SSL certificates
- Single Certificate – Used for only one web address / domain. Such as example.com.
- Multi-Level Certificate – Can be used on multiple versions of a domain but is limited to a certain amount, such as blog.example.com, example.com, secure.example.com, etc
- WildCard Certificate – Secures your entire site without any limitations, such as blog2.example.com, blog1.example.com, ssl.example.com, etc.
Good SSL practices
A few important steps you should take in order to use your SSL connection to its fullest.
- Always re-direct non-secure HTTP connections to HTTPS, this can be done in the form of a 301 re-direct.
- Make sure you link to only HTTPS versions of your site.
- Do not link to unsecure HTTP external sites, as this can cause browser warnings and can lead your sites users to a unsafe site.
- Make sure your SSL certificate is set to auto-renew (If using Asura Hosting, we do this automatically for you)
Is HTTPS and SSL the same?
No, but they both require each other to function. HTTPS (Hypertext Transfer Protocol Secure) is a secure transfer protocol that uses a Secure Socket Layer (SSL) connection in order to communicate securely.
Websites that use an SSL certificate will always show https;// behind their domain name. Always try to look out for the address when entering sensitive information. Try to never use a site that does not use a form of SSL protection, as in most cases those sites are targeted for cybercrime.
A secure website helps with SEO efforts
Popular search engines such as Google prefer secure https websites over normal unsecured http websites.
Users are aware of the importance of a secure website
Internet users are aware of secure websites and will most likely turn away from an unsecured site most of the time, especially if it involves them entering important information. This is because most browsers show a warning for sites that are unsecure, as well as https becoming the norm for all websites on the internet.
SSL helps combat cybercrime
We live in a day and age where cybercrime has become the norm, having your website behind an SSL certificate helps secure your websites users from intruders who try to steal their sensitive information. Since an SSL connection encrypts the data between the website and user, this is no longer possible, preventing your websites users data from being stolen.
PCI Compliance requires HTTPS
If your site handles sensitive information such as Creditcards and personal information then by payment law you have you secure your site behind HTTPS.
Where can I get a SSL certificate?
You can purchase a SSL certificate from one of the certificate authorities. However, If you are using Asura Hosting, we offer SSL certificates completely free of charge with all our web hosting plans.