When you visit a website, if the web address starts with http://, all the information that your browser sends to the web server, and receives, is in open text. So, for instance, if you log into your WordPress admin panel, your user ID and password are transmitted across the internet in clear text that anyone could read. So, it’s entirely possible that someone who is watching the web traffic to your website could grab your user ID and password as it was sent.
But if you have set up an SSL (Secure Sockets Layer) certificate correctly on your web server, the URL becomes https:// (the “s” for “secure”), and all data transmitted back and forth is encrypted. This is especially important if you’re collecting any private data on your website such as credit card information. You don’t want someone snagging your client’s credit card information.
If you visit a website that is not secure and is asking for a credit card to subscribe, immediately back out and go somewhere else.
Current PCI banking standards require that all credit card transactions are done on a secure website.
What can happen if a Hacker gets access to my site?
Can you imagine a stranger—or even worse, a thief—sitting in front of your computer, going through your files and doing whatever they want?
That’s what happens once a hacker has used Sub7 to take control of your computer.
It’s as if they are sitting in your cozy computer chair, using your computer and seeing all of your data and files on your computer monitor. And you have no idea that this is going on.
The hacker could be across the street or across the country. No matter where they are, they can copy photos from your computer onto theirs, or delete your tax records. They can steal your personal data or delete the programs you have on your computer.
Worse yet, they can download more viruses.
Why set up a SSL certificate?
Many websites are informational and don’t actually sell things online. So why would you want to set up an SSL certificate? Security.
As mentioned before, it’s remotely possible that someone could sniff your user ID and password and gain access to your content management system. If you haven’t changed the login alias, it’s actually pretty easy to find your login ID. So, if I have that information, now all I’d need is your password (if I were a hacker looking to break in).
What is Search Engine Optimization (SEO)?
SEO is a marketing discipline focused on growing visibility in organic (non-paid) search engine results.
Google says that it’s actually a ranking factor. They’ve backed away from all the “usual” SEO factors like links, and so on. But they are telling us we need three things: (1) A mobile-responsive site; (2) A fast website (small graphics); and (3) A secure website. They want peoples’ experiences to be secure.
I personally believe that people are looking for the green padlock in the web browser. It’s a small, subtle sign of trust. This seems to ring true for some of my clients who are getting pushback from their clients because they don’t want to schedule online appointments or interact on the website without it. This is smart. Therefore, we’re getting more requests to set it up for our clients.
How do I set up an SSL certificate?
There’s a little bit of a process to get your website set up with an SSL certificate. You don’t just change the web address to https://, and you’re done. In a nutshell, these are the steps you need to take:
Generate a CSR (Certificate Signing Request) from your web host, which identifies your web domain and your company information. That gets uploaded to the certificate generating authority.
Obtain a trusted certificate from your domain registrar (like GoDaddy) which will cost you about $200 for 3 years (or more). I prefer to buy the certificate for as long as I can so that I don’t have to reinstall the new certificate each year when it expires.
You will need to install the certificate after you purchase it. Your hosting company can give you instructions on how to do this or you can hire someone to do this for you. That person would need your hosting login credentials.
It’s interesting to me that a large number of websites that I have visited don’t have an SSL Certificate, which means they are not secure.
If you are not sure if your website is secure or if you want more information, please Contact E Plus Graphics, Printing, and Promotions at 301-447-2804. We would be happy to assist you.