Posted by Calico UK - 15:51 on 29 August 2018
When someone connects to your website using the http protocol everything they type, and everything the website sends to them, is in plain text so anyone can potentially listen into the web conversation. This is especially important if they are logging into the Internet using a public WiFi system such as an Internet cafe, or a free coffee bar WiFi. The https protocol prevents their communication being so visible. With https, a secure, encrypted connection is made from their PC through to the website, which no-one can intercept or eavesdrop.
SSL certificates go hand-in-hand with https. If you try to use https when the site doesn't have an SSL certificate, either you won't be able to, or your browser will give an error. The certificate gives your browser the confidence that it has reached the correct website and can start the https connection securely. Here are some more reasons you should be using an SSL certificate on your site:
1. Web browsers now highlight sites with no SSL certificate as being insecure and untrustworthy.
Google's Chrome browser adds "Not secure" to the address bar when a site is being accessed using http. Firefox, when you click on the (i) information button next to the address bar, says "Connection is not secure" in red. Similarly Microsoft's Edge says "Be careful here" when you look at the site's information.
2. Your reputation or brand could get damaged when there's no SSL certificate.
Bearing in mind the negative publicity you'll get from the above, your site's reputation and your brand could suffer when customers keep seeing these warnings. If your competitors *do* have an SSL certificate then you could lose business to them.
3. Https improves search engine ranking.
Google has started to punish sites which cannot be accessed with https by pushing them down the search engine rankings, so https sites move up the list.
4. Confidential data is not visible.
If your website contains confidential information, or if your users enter confidential information on your site (eg passwords), then https will give you both the secure connection you need to move this confidential information around.
5. It prevents 'Man In The Middle' attacks.
The connection between a PC and your website takes place over a number of 'hops' as the PC connects to a router, then to the next network switch, then the next, until it finally arrives at the server hosting the site. Each of these hops could be a place where a malicious user (the Man In The Middle) could alter the data going backwards and forwards. When there's an SSL certificate in place and https is used, this kind of attack isn't possible.
Add your comment below