Nobody said SSL certificates were exciting. The good news is: You don’t need to love them, and you don’t need to know any more about them than you choose to. But you do need to install them. Because a website without an SSL certificate is a disaster waiting to happen.
Before we answer the question “Why use HTTPS?”, we need to answer an even more important question:
What exactly is an SSL certificate?
Whenever you visit a website, a text protocol called HTTP carries information between your device and the website you’re visiting. If that data isn’t encrypted, anyone who intercepts the data can read it.
An SSL certificate is a data file that encrypts data sent between websites and the devices that visit them, so that even if someone intercepts the data, they won’t be able to read it. SSL certificates are a crucial part of securing your website.
Why use “HTTPS” when we’re talking about SSL certificates?
Sometimes, people use the term “HTTPS” to talk about SSL certificates as if they’re interchangeable terms, and they kind of are. You see, when a website doesn’t have an SSL certificate, the beginning of their URL will usually be written “http://”. But when a website has installed an SSL certificate, the beginning of their URL will instead be written “https://”. That “s” stands for “secure”, and it means that any communication between your device and that website will be safe from prying eyes.
Why use HTTPS if I don’t handle sensitive information on my website?
All this cloak-and-dagger talk of encryption might make you feel that you don’t really need an SSL certificate for your website. You understand why websites need SSL certificates if they collect sensitive information like credit card details, but you don’t need an SSL certificate for your innocent little blog, right?
Even if your website doesn’t collect sensitive information, there are a host of reasons why you still need an SSL certificate. We’ll get into most of those reasons later in this article, but here’s something you’ll want to consider: If you don’t have an SSL certificate, your website could be flooded with ads. Not only do you not have a say in which ads are displayed on your website, but you also don’t get any of the ad revenue!
And now for even more important reasons why you need a properly installed SSL certificate even if your website doesn’t handle sensitive information, and even if your website is a blog:
Why use HTTPS:
- It’s impossible to get modern web applications without HTTPS
- SSL certificates improve your search engine ranking
- You lose visitors when you don’t have an SSL certificate
- You can’t be PCI compliant without an SSL certificate
- SSL certificates eliminate the risk of phishing and other cyber-attacks
- SSL certificates make your website look more credible
1. It’s impossible to get modern web applications without HTTPS
Most modern website owners realise how difficult it is to attract loyal visitors to their website. There are so many websites on the internet that if you want to keep people coming back to your website, you need to be constantly marketing to them. Email marketing is one way to do this, but after a while, your visitors learn to tune those out. This means you need to step your game up with push notifications and Progressive Web Applications. Because these apps require users’ sensitive data (like their current location), you can only run these apps if you have HTTPS.
2. SSL certificates improve your website’s ranking
Google acknowledges users who move to HTTPS by giving a ranking boost. Google want you to be secure for users who use its search engine. And websites without an SSL get tagged as ‘Not secure’. This means that an SSL certificate is a handy tool to add to your SEO strategy.
3. You lose visitors when you don’t have an SSL certificate
Some browsers actively scare your visitors away when they try to go to your unsecured website. Your visitors might see a warning message telling them that visiting your website might make them vulnerable to cyber attacks and identity theft, or they might see a slightly passive-aggressive message that says something like “Are you sure you want to visit this website?”, or they might see a little warning symbol next to your website’s URL.
Some visitors ignore all these signs and forge ahead to your website anyway, but most of your potential visitors take these warnings seriously, and they’ll just move on to a similar website that does have an SSL certificate.
4. You can’t be PCI compliant without an SSL certificate
The Payment Card Industry (PCI) governs which websites are allowed to collect credit card information online. Only websites that have an SSL certificate can do this.
It’s not only eCommerce websites that need to collect credit card details. If you run a fitness blog, for example, you might want to put together an exercise program that your clients can pay for. Or if you run a parenting blog, maybe you want to write an eBook with lots of quick, healthy lunches that don’t need to be microwaved. There are lots of legitimate reasons a non-eCommerce site might want to collect credit card information. An SSL certificate gives you room to take your blog to the next level by monetizing your knowledge.
5. SSL certificates eliminate the risk of phishing and cyber-attacks
No matter what kind of website you have, if you don’t secure it, you leave your visitors vulnerable to phishing and other cyber-attacks. An SSL certificate is an easy way to add another layer of protection between your website and the people who want to exploit it.
6. SSL certificates make your website look more credible
SSL certificates make your website look more credible for two reasons:
- They prove that you are who you say you are
- They let your visitors know that it’s safe to visit your website
One of the most basic functions of SSL certificates is that they prove that your identity has been verified by the independent Certificate Authority. At its most basic level, an SSL certificate means that someone has checked your identity to make sure that you are indeed the person authorized to use your domain name. Visitors trust you more when they see that your identity has been verified.
SSL certificates also tell your visitors that they won’t be leaving themselves vulnerable to hackers and identity thieves if they visit your website. As you can imagine, this makes your visitors feel much more comfortable.
SSL certificates aren’t the most glamorous part of building a website, but they can mean the difference between having a safe website and having a website that’s nothing but a hacker magnet. SSL certificates are so important and affordable that there’s really no excuse not to keep your website protected.