What is SSL and Why is it Important?

What is SSL and why is it important?

SSL stands for Secure Socket Layer and it is currently the industry standard for encrypting traffic sent between the web server and web browser. Its primary use is to prevent sensitive information such as customer details and credit card information from being read by an unintended third party. By not having an SSL you may deter potential security-conscious customers from using your website.

Other notations we use when referring to website security are:

  • HTTP – the default protocol for browsing webpages.
  • HTTPS – the secure version of HTTP, tells the webserver to communicate using the SSL certificate.

So how do you know if a website is secure? Usually, the easiest way is to check this is if the address bar has a green padlock in it, this means that the website has an SSL certificate and is loading the content securely. It can vary from browser to browser but there should always be a green padlock somewhere there.

Some websites may have an SSL certificate but not automatically tell your browser to load the page via HTTP, you can check by changing the HTTP part of the address to HTTPS. Some websites may be configured to redirect you back to HTTP automatically. If it is successful, you will be directed to the secure version of the website and you’ll either see a green padlock or one of the following:

Red Padlock or HTTPS crossed out – The page has attempted to load securely but does not have an SSL certificate. It may also pop up with a warning in some browsers.

Yellow Padlock or No Padlock – The Website has an SSL but is loading some resources insecurely, it might be an image, a JavaScript library, external resources from a website which doesn’t have SSL set up, any number of things.3

Not Secure – Chrome and Chromium-based browsers as of recent have put a larger focus on SSL certificates with one of the more recent updates (Chromium 62), adding a “Not Secure” message in the address bar of websites which lack an SSL certificate. This occurs when the user starts entering data on a page loaded via HTTP, for example in a contact form or checkout. [1]

What types of SSL are there?

There are three different types of SSL certificate Extended Validation (EV SSL), Organization Validated (OV SSL) and Domain Validated (DV SSL).

Domain Validated (DV SSL)

This is a simple certificate that just validates a domain, it ensures that the information is encrypted but since it does not have company information it doesn’t identify who is on the other end. It is quick and cheap to obtain since it doesn’t require any additional information, it is the most common type of certificate we set up.

Organization Validated (OV SSL)

Similar to the Domain Validated but this requires some company information to be submitted, this information is displayed in the certificate if the user wishes to confirm it; however, just displays the green padlock in the browser like the Domain Validated one. It’s a bit more expensive and takes longer since the information needs to be submitted to the Certificate Authority (CA) for vetting.

Extended Validation (EV SSL)

Extended Validation certificates are the newest and provide the greatest level of authentication, unlike the previous two this one displays the company name in the address bar next to the padlock and requires a large amount of verification, for this reason, it takes the longest and costs much more than the previous two.

Consider what you really need for your website when buying, the Extended Validation SSL looks very professional but is not really necessary for small businesses or blogs. Also, if you have multiple domains and/or subdomains, upgrades to multi-domain and wildcard SSL’s will increase the price.

If you are interested in getting an SSL certificate, then feel free to submit an enquiry online or call us on 0333 444 3551 to have a chat!

Note: We can only set these up on websites hosted on our servers if you have other hosting you’ll need to contact that provider.

The Drupal Advantage: 8 Reasons why Drupal is the ultimate CMS

It’s no secret that the Essiem team are Drupal enthusiasts.  We love it. For us, it is the crème de la crème of content management systems and we have recommended it to countless clients who all agree that it gives them everything they want from a dynamic, high-functioning CMS.  We have convinced them, and we believe this article will convince you too.

Here is our list of 8 reasons why Drupal is the ultimate CMS.

1)      It’s free – If you are keen to keep the cost of your site development to a minimum this will appeal to you.  There is no software license to pay for using Drupal, you can modify the software without charge and you get free access to future upgrades and security enhancements.

2)      Great user interface  – Whilst the Drupal ‘back-office’ is a complex and sophisticated database, the user interface is so good that even your average joe will feel confident updating their own pages.  Each content type is displayed as an online form with additional fields such as text, images, checkboxes, links and files depending on what type of content you need to manage.  This data can then be translated into multiple different styles on different pages, without you having to add the content in again.

3)      It’s flexible – Drupal is completely flexible – anything you can imagine is possible with Drupal.  If what you need isn’t already available from the huge library of existing resources then you can create your own modules for custom features, as well as your own themes for a custom design.  This provides a powerful, scalable, low-cost high-value solution.

4)      It’s secure – Drupal has an excellent track record in terms of security and has an organised process for investigating, verifying and publishing possible security problems.  Drupal’s security team is constantly working with the community to address security issues as they arise and Drupal users benefit from regular notifications highlighting the latest security advisories of all types.

5)      Trusted by major organisations – When President Obama came into office in 2009 a number of the US Government’s websites were switched to open-source software – Drupal.  And governments aren’t the only major organisations who trust the Drupal platform, many of the most well known global brands including Nokia, Warner Brothers, MTV, General Electric and The Economist all recognise the power of open-source software and use Drupal to support their websites.

6)      Amazing community – Drupal is a community made up of nearly 1 million users worldwide building beautiful themes and constantly pushing the boundaries of Drupal’s capabilities.  Why should this matter to you?  Because this active community always producing new variations on a theme means you can always find exactly what you need – a bespoke quality interface available to implement into your site which keeps development costs down.

7)      It is SEO-friendly – Most companies rely on SEO as part of their marketing strategy and from this perspective Drupal does not disappoint. Drupal enables companies to come forward with SEO-friendly websites. It has enormous flexibility to display content in a way that search engines like.

8)      Award-winning – Drupal boasts an impressive trophy cabinet of some of the top awards in the industry, including Best Free CMS from Critics Choice, Best Open Source CMS and a place in the Open Source CMS Hall of Fame.  Drupal, we salute you!