SSL Encryption

The Importance Of SSL Encryption – “Not Secure”

If you have a website that doesn’t have a valid SSL Certificate, modern browsers will display the dreaded “Not Secure” alert.

Windows, MAC, Android & Apple IOS platforms all take updates automatically & regularly now. These updates include web browser security certificate updates.

Not Secure http

If your website still isn’t secure in 2020, this has to be addressed immediately. Having a non-secure website strikes fear and uncertainty into users.

Worse still, most internet security software and in-built firewalls will not allow users to even proceed to the site without warnings which are worded using terms such as “Confirm & proceed to this site if you understand the risks”.

SSL cPanel

SSL Explained In Basic Terms

In this article, I will not delve too far into the technicalities of SSL encryption. Instead let me provide a “layman’s term” description of what SSL is.

SSL Stands For Secure Sockets Layer

SSL Encrytion (which provides that secure padlock in the browser topbar) basically encrypts data as it is sent over the internet.

This prevents sensitive (or any) data being intercepted between the end-user and the host server.

SSL Encryption Is Not New

SSL replaced the old Transport Layer Security (TLS). It has become standard on websites over the last few years.

If your website is not secure and does not have a valid certificate – the search engines will drop your page ranking significantly.

Not having a valid certificate will also have a catastrophic impact on your brand’s online reputation. There are very few users who will click (or tap) “proceed to site and I understand the risks”!

This message is a straight exit for 99.9% of users. (Made up figure to underline the importance of this).

Secure padlock

What To Do If My Website Flags “Not Secure”

  • Contact your website designer / administrator immediately.
  • Contact your hosting provider and get your website encrypted.

What Will Happen If I Don’t Encrypt My Website

Your visitor numbers will plummet or diminish completly

Search Engines will drop you like a “sack-a-tatties” (means your page ranking will collapse, crash, sink, nose-dive, plunge).

You’ll drop to search page 260,333 having previously been at the top of page 1! (again made up figures, but I have to underline the serious impact this will have on your page rank).

Your brand online reputation will be ruined. The warnings that users will receive will suggest that your site has been hacked.

Hardly the confidence that you intend to build with prospects looking to enter their personal details into your site, buy a product or book your services!

How Much Does A Valid SSL Certificate Cost?

Nothing – if you use a reputable hosting company. Almost all include this within the hosting and domain costs.

If your website hosting company charge an additional annual fee for this, it’s time to switch provider.

This is an industry standard necessity. Hosting companies that charge additional annual fees for SSL encryption should be fined by Ofcom for extortion (this is my personal opinion).

How To Get A Site From HTTP up to HTTPS

There are various ways to encrypt a website once a valid certificate has been issued for your domain.

If you are using a WordPress based site, there are two Plugins that I would recommend.

Both of these plugins are free and will assign the correct encryption to your SSL Certificate.

WP Force SSL
Really Simple SSL

What To Do Before Encrypting To HTTPS On WordPress

  • Backup your website.
  • Create an additional admin user with secure login credentials.
  • Make sure the default email address for your WordPress site is valid and up to date.

These measures are purely precautionary. The URL for logging in to your Dashboard will change to https:// rather than http://

If you get locked out of the back-end of your own site, a complete reinstall will be necessary.

About Time

I’m glad to see Google, Bing, Duckduckgo, Yandex, Swisscows and other major search engines drop page rankings for non-secure sites.

Web browsers that are up to date will warn users of security risks, which helps in the ongoing fight against scammers & hackers.

On mobile devices, your browser is kept up to date automatically. However on computer systems, older operating systems were incapable of running new browsers.

This is one of many reasons that Microsoft made the bold decision to allow users on Windows 7 & Windows 8 (8.1) all to upgrade to Windows 10.

Internet Explorer

The old IE (Internet Explorer) was unable to handle modern day encryption.

Microsoft went even further by releasing the Edge browser for W10 to completely replace IE.

You may not have noticed, but trust me as someone who works within computer & IT support, the number of viruses and malware attacks on Windows systems has nose-dived since Microsoft moved everyone up to Windows 10.

There are still vulnerabilities within modern browsers which are patched with the the latest updates. But these are nothing compared to the old days of Internet Explorer and other earlier web browsers.

You Have A Duty To Protect Your Customer’s Data

By leaving your customer / user data open to compromise is simply unacceptable. GDPR laws are now in place to enforce what should already be a priority. That is the safeguarding of your customer’s personal information and data.

Leaving a website on insecure http format without SSL protection demonstrates neglect and disregard for your website visitors.

Should this lead to a hack or security breach, this would have a catastrophic on the reputation of your brand.