What is SSL and why is it important?
SSL stands for Secure Socket Layer and it is currently the industry standard for encrypting traffic sent between web server and web browser. Its primary use is to prevent sensitive information such as customer details and credit card information from being read by an unintended third party. By not having an SSL you may deter potential security conscious customers from using your website.
Other notations we use when referring to website security are:
- HTTP – the default protocol for browsing webpages.
- HTTPS – the secure version of HTTP, tells the web server to communicate using the SSL certificate.
So how do you know if a website is secure? Usually the easiest way is to check this is if the address bar has a green padlock in it, this means that the website has an SSL certificate and is loading the content securely. It can vary from browser to browser but there should always be a green padlock somewhere there.
Some websites may have an SSL certificate but not automatically tell your browser to load the page via HTTP, you can check by changing the HTTP part of the address to HTTPS. Some websites may be configured to redirect you back to HTTP automatically. If it is successful, you will be directed to the secure version of the website and you’ll either see a green padlock or one of the following:
Red Padlock or HTTPS crossed out – The page has attempted to load securely but does not have an SSL certificate. It may also popup with a warning in some browsers.
Not Secure – Chrome and Chromium based browsers as of recent have put a larger focus on SSL certificates with one of the more recent updates (Chromium 62), adding a “Not Secure” message in the address bar of websites which lack an SSL certificate. This occurs when the user starts entering data on a page loaded via HTTP, for example in a contact form or checkout. 
What types of SSL are there?
There are three different types of SSL certificate Extended Validation (EV SSL), Organization Validated (OV SSL) and Domain Validated (DV SSL).
Domain Validated (DV SSL)
This is a simple certificate that just validates a domain, it ensures that the information is encrypted but since it does not have company information it doesn’t identify who is on the other end. It is quick and cheap to obtain since it doesn’t require any additional information, it is the most common type of certificate we set up.
Organization Validated (OV SSL)
Similar to the Domain Validated but this requires some company information to be submitted, this information is displayed in the certificate if the user wishes to confirm it; however, just displays the green padlock in the browser like the Domain Validated one. It’s a bit more expensive and takes longer since the information needs to be submitted to the Certificate Authority (CA) for vetting.
Extended Validation (EV SSL)
Extended Validation certificates are the newest and provide the greatest level of authentication, unlike the previous two this one displays the company name in the address bar next to the padlock and requires a large amount of verification, for this reason it takes the longest and costs much more than the previous two.
Consider what you really need for your website when buying, the Extended Validation SSL looks very professional, but is not really necessary for small businesses or blogs. Also, if you have multiple domains and/or subdomains, upgrades to multi-domain and wildcard SSL’s will increase the price.
If you are interested in getting an SSL certificate, then feel free to submit an enquiry online or call us on 01531 633742 to have a chat!
Note: We can only set these up on websites hosted on our servers, if you have other hosting you’ll need to contact that provider.
Read more blog posts
Every business owner we have ever met aspires to rank number one on Google. Of the huge variety of businesses and industries we have worked with over the years, this is the one thing guaranteed to unite them. And of course, this is the case – they know, and we know, that 93% of all online buyin
For almost all the websites we review, we end up recommending a re-write of the ‘About Us’ page. Your ‘about’ page is a massive opportunity to connect with potential customers and to convert them online, but this opportunity is so often wasted. This blog explores why people get it wrong so ofte
When pay monthly websites first came on the scene they were targeted at start-ups and micro-businesses without the revenue to outlay thousands on a professional website – Google ‘pay monthly websites’ and you will be flooded with companies offering web services at incredibly low prices. However,