If you’re an avid “Googler” like many of us, you may have noticed, and been nervous about, random sites coming up listed as “Not Secure”. Not just a little, hard-to-notice notification, but right up there in the search bar, RIGHT NEXT TO your website address. Google’s browser will display a “Not Secure” warning next to the website in the address bar if the site is not secured an SSL certificate. You might ask – what is SSL? Does my website really need an SSL certificate? Do I need to know how SSL works? If you’re going to have a non-ssl-totting website in this world-wide-web-world, you plain flat need to know how google views your website without SSL because what Google thinks matters.
See related Ranking On Google
What is SSL?
“SSL” stand for Secure Sockets Layer. OH. Well that explains it … not at all. In simpler terms, it’s how small business communicate with customers with their website. How they can browse, buy products or services, and share information safely with them online. Without being too technical, adding an SSL certificate to your website creates a secure connection for those kinds of activities. To figure out how Google views your website without SSL, you need to understand what it does.
Think of an SSL certificate as a giant windshield in front of you when you drive on the information super-highway. An SSL certificate protects your site — and its visitors — from many digital bugs, worms and other nasty web creatures. Before assuming that your site as “too small to be a target,” bear in mind that a human is most likely NOT on the other side of a hack. Most hacking is done electronically, so no one will be picking and choosing which site makes sense to target. For that same reason, a site that does not take payments is also vulnerable. A web hack doesn’t care how big you are, what you do for a living or if you have a super cute puppy. They have one goal, and that is to find vulnerabilities. Once discovered, its dirty work begins.
See related website design
What does an SSL certificate do?
An SSL certificate works to create an encrypted connection between your visitor’s browser and the server. A secure session is established via a “handshake” process, one that involves a back-and-forth between the web browser and the web server, and it occurs behind the scenes — all without interrupting the shopping or browsing experience. It’s kind of like sealing a letter in an envelope before sending it through the mail. It’s a layer of protection.
Does your website really need an SSL certificate?
As mentioned above, Google began rolling out their new Chrome 68 browser in July 2018, marking a website as “Not Secure” if it is not protected with an SSL certificate. It’s all a part of making the global web more secure. Your site being labeled as not secure could make people leave it as quickly as they came OR worse – not trust your business overall. It is NEVER good for your site to be labeled negatively, but if Google doesn’t like you – face it – you’re screwed. So beyond all of the ‘adding a layer of security to hopefully avoid hackers’, having an SSL certificate is really really important.
Accept payment securely
Do you plan to accept major credit cards online? An E-commerce website needs a merchant account, and most of them will require that your site have an SSL certificate. Also, many web hosting companies, including one of my favorites GoDaddy, have terms of service requiring websites to be secured with an SSL before accepting credit cards. Bottom line – would you really want to put your customers at risk of having their credit card information stolen while shopping on your site? Not only will your company be looked at as liable, you’ll most certainly lose a customer and anyone that customer tells. It’s not exactly a great way to attract repeat business.
Protect password logins
A major reason you might want to add an SSL certificate to your website is if any of your pages are password protected. This includes WordPress or Joomla! or other database-driven sites with a login page for the administrator. Membership sites with multiple logins also create more opportunities for black-hat hackers to attack. Remember, anything that needs to be secure online needs to operate under the safety net of an SSL certificate. The web is filled with bots lurking around seeking poorly protected password pages to provide them access to your website. You don’t want to log on only to find your pages have been defaced or deleted.
Secure all web forms
Not everyone collects money online. Some websites collect information. These could be leads for potential home buyers. Or questionnaires about your client’s employment history. Or anything. If you are collecting even the most basic information such as name, address, phone number and email address, chances are your clients would not want that information leaked.
Without an SSL certificate, some types of form mail can be intercepted. Some code is more reliable than others. Do you want to take chances that yours is susceptible to hacking? Probably not. This is why securing your online forms with an SSL certificate is also a must. You wouldn’t do business with someone who skipped this step. Don’t give anyone this as a reason not to do business with you.
Why Would Someone Hack My Small Business Website?
There’s only one answer to this question and it’s to make money… lots of it!
Yes, even a small website hack can generate a substantial amount of money. Cyber criminals can make money with your compromised website by distributing malware, SEO spam, and even set up e-mail spam servers and phishing sites.
Money is obviously the most common motivation behind the attacks.
Injecting backlinks and spam to a legitimate sites remains one of the most profitable and popular types of website attacks. After the website has been compromised, a malicious backdoor will be uploaded to the website which gives the attacker the ability to invisibly redirect your visitors to their scam sites any time they want. Apart from generating money for the hacker, your website gets a penalty from search engines, which will ruin your SEO (aka chances of showing up higher in the search engine rankings).
See also SEO Juice Dos and Don’ts
It’s important to have an SSL certificate on your website. We’ve explained how Google views your website without SSL and if you still have questions, we’re here to help. If you don’t have an SSL, speak to your developer immediately or ask another web developer (like US) how you can add one. You really do not want to wait much longer. If your website does anything in this world, it HAS to be Google-friendly. Everyone Googles for crying out loud. The sad fact is, an SSL certificate is not enough to keep your site from getting hacked. If you have a WordPress, Drupal or Joomla website (nearly 40% of all websites are), you need to keep your plugins, php version, themes, etc updated to avoid vulnerabilities. It’s also not a bad idea to get specific malware protection from your website host company – especially if you don’t have a developer watch-dogging your site all the time.
If you need assistance with your SSL Certificate, existing website, or if you need a newly developed site; feel free to contact Creative Juices Marketing Agency to discuss. We’d love to help you! CONTACT US