SSL is enabled by default for all our customers. Since you no longer need to activate it yourself, the SSL section in the control panel has become unnecessary.
What is an SSL Certificate?
SSL (Secure Sockets Layer) certificates provide a specific method of encryption. They ensure that the data going from the user’s computer to the website stays secure and unreadable to any malicious intruders like hackers and identity thieves, but any other third parties too. Therefore, it remains safely protected. SSL cryptography uses two keys, one private and one public, which are long strings of random numbers. Public key is known to the server and it encrypts all information. This information can be unlocked only with a private key. If an intruder happens to intercepts this connection, he would only encounter ununderstandable numbers. So, each time you enter any of your personal information into a certain website, SSL makes sure all your data travels safely from your browser to the web server. This is pretty important if you’re doing some fun online shopping and you share sensitive information (like your bank account number) online. You can think of an SSL certificate as a certain data file, provided by a trusted party, that authenticates and guarantees the identity of a certain website with a cryptographic key. It binds together information such as domain name, server name, company name and its location. SSL signals users and tells them something like “hey, this website is ok, you’re safe, you can spend your money here or share personal data”. Website traffic coming from each individual user is encrypted, kind of like a trusted conversation no one can eavesdrop. SSL is a part of the HTTPS (Secure Hypertext Transfer Protocol), which safeguards your data and enables secure sessions once the certificate is installed on the web server. Users can see whether or not a website is secure by looking at the browser tab: if there’s a padlock, a word “secure” marked in green, and of course – HTTPS, then it’s safe to enjoy that website.
Importance of an SSL certificate
As we already mentioned, SSL certificate has become a security standard. However, websites that absolutely must obtain it are those that have logins or use forms, given the fact they operate with sensitive data such as usernames and passwords. Of course, e-commerce websites need SSL as they have to comply with the Payment Card Industry (PCI) standards and protect customer data. However, all websites can benefit from this additional layer of security and it is important to acknowledge that. The importance of owning an SSL certificate can be seen in the following:
- It promotes data security and keeps all data between servers protected
- It builds digital trust and shows you care about your visitors’ data safety
- In the SEO context, HTTPS websites might experience a ranking boost
If you’re involved in the ecommerce business, owning an SSL certificate can improve your conversions by signalizing shoppers they can safely make a purchase: study by Symantec suggests conversion rate can be increased by 18-87%. Plus, you can increase your average transaction value by 23%, which is again tightly connected to the trustworthiness. In addition to all of the above mentioned, an SSL certificate contributes to your brand image and sets a solid reputation for your website, as it clearly communicates you understand the responsibility that comes with being a webmaster. In the moment of writing this blog post, only around 64% of websites are secure, which means we still have a lot of work to do in the domain of online security, particularly when it comes to educating webmasters about the importance of SSL and handling spammers in the cyber arena.
Why did we make SSL the default setting?
By having an SSL certificate issued for ourdomain, your subdomain can be identified as secure. This allows your members to access your dashboard securely via HTTPS. In the past HTTP was the norm for most websites and only pages with sensitive data, like payment or login pages, used HTTPS. Over the years, the way we use the internet has changed. Websites have become more interactive, and we share much more information than before, making security even more important. In line with these developments, Google announced last year that they want to encourage people to use primarily HTTPS. To do this, sites that are only using HTTP, will in the future be marked as insecure when a user enters data in Chrome. On top of that sites that are using HTTPS get a boost in their search ranking. Because of all this, HTTPS has become the obvious choice over HTTP, and that is why we now enable SSL by default for all our customers.
How does HTTPS help to improve security?
HTTPS is the secure version of the “Hypertext transfer protocol” that a browser uses to communicate with websites. It encrypts the connection between your browser and the server so that others cannot change or intercept content when you are, for example, using a public WiFi. You can verify if you are using HTTPS, by the closed padlock that is visible in the address bar of your browser. However, as HTTPS becomes the new norm, the padlock will probably be removed in the future.