You may have noticed that web addresses (or URLs) begin with a piece of code e.g.
You might have even noticed that some pages actually begin with a slightly different prefix:
Actually, many web browsers hide this code but leave a simpler clue behind in the form of a padlock icon and you may have worked out that the extra ‘s’ must stand for ‘secure’ – these
https pages are the ones that show the padlock icon.
These secure pages are protected by something called an SSL certificate. This encrypts all traffic in and out of the page and helps to authenticates web pages as genuine.
Pages with an SSL certificate were originally used for payment gateways to protect credit card transactions but have become more and more common since the HTTPS Everywhere campaign of 2014. In fact, since 2018, Google’s ‘Chrome’ browser has marked all non-SSL sites as ‘Not Secure’ whilst also demoting such sites in their search results.
So now we are in a situation where it is strongly advised that all websites are fully ‘secure’. This means the whole site should be protected with an SSL certificate and show the padlock, but how does this work in practice?
Each domain name should have its own SSL certificate. These are usually applied to domains via web hosting companies and are issued by authorised Certificate Authorities such as Symantec, GeoTrust, Thawte or RapidSSL. Some web hosting companies (e.g. IONOS) offer one SSL certificate free with their hosting packages but the cost is usually around £30 per year or more and there is no doubt that to have a functional website these days, the padlock is highly desirable if not essential.
To sum up, a padlock protected secure site will avoid scary off-putting browser warnings and show improved search results. It will also assure your visitors that if their clicks, uploads and page views are intercepted by anyone with malicious intent, the encryption will help to protect their privacy and their security.
Get in touch if you’d like to know how to bring your site into the 2020s.