Why is this important?
When you visit a website and the web address starts with http:// the data your browser sends to the web server and receives is in open text.
Does your site need SSL encryption?
If access your WordPress admin panel, your user id and password are transmitted in clear text that anyone could read. So it’s entirely possible that someone who is watching the web traffic to your website could grab your user id and password as it was sent.
But if you have a secure site, the URL becomes https:// (the “s” for “secure”), and all data transmitted back and forth is encrypted.
This is important if you’re collecting any private data on your website like credit card information. You don’t want someone snagging your client’s credit card information.
But my site doesn’t collect data.
If using a content management system like WordPress you don’t want someone sniffing your password.
SEO – Google wants you to have a secure site.
If you are one of the sites that depend on traffic, search engine rankings are important. Google has stated that NOW Sites that are secure (https) will be favored in their search rankings. Along with other factors such as mobile responsiveness. And don’t forget optimized images (small) for quick load times.
Trust.
Your website viewers trust your site more if they see the green padlock on the URL bar. At a minimum they know the data they view and send is encrypted. And some SSL certificates actually verify WHO owns the site before issuing a certificate. Their are different types of certificates.
Switching to a secure site (https).
To switch your site to https several things have to be accomplished.
- Get a SSL certificate installed on your webserver. This involves generating a CSR (Certificate Signing Request), This is uploaded to the Certificate provider. GCIS will generate a CSR for your hosted site free of charge. In most cases we well do the entire process from CSR to certificate installation, for free. Not including the cost of the SSL Certificate itself.
- You must change all links in your website to either relative links or to https:// instead of http://. For large existing sites this can be a challenge depending on your webmasters techniques. For existing wordpress sites it may require some search-and-replace of data in the actual database files. Don’t let that stop you, GCIS will assist you in your transition. Before the URL bar will turn green all data on a page that is loaded must come from secure sites. This includes outside css data or javascript files.
- Redirect all http: traffic to the new https: site. This is usually done at the webserver using 301 redirects which tells search engines that the http: url has moved to https:. It also allows existing links and search engine results to work.
Switching over an existing site *can* be time consuming, and costly. However the cost of some SSL certificates has dropped considerably. It is no longer required to have a unique I.P address for a SSL site as 99% of browsers now support SNI (Server Name Identification).
Contact GCIS if you desire to have a SSL enabled site to see how we can assist you and any costs involved.