You’ve probably noticed that internet browsers these days mark a website as ‘secure’ or ‘not secure’. If you’re a website owner and you have a ‘not secure’ website, you’re probably wondering what means to you and what you can do about changing the status.
If you don’t host your website and instead use a service such as Wix, WordPress.com (but not WordPress.org), and SquareSpace then you probably already have a secure website. If you host your own website then it’s likely you’re going to come across the issue of having a not secure website.
You can tell if a website is secure by the ‘http’ prefix. If it has ‘https’ then you have reached a secure site whereas the standard ‘http’ is not secure.
You want your website to be secure as it means data generating from your website is encrypted. When data is transmitted, such as sending payment details, it is encrypted to stop hackers getting your sensitive information. Many third party applications such as PayPal require a secure connection between your website and the third party website.
Browsers inform viewers whether a website has this encryption and that’s why you see the message not secure. Search engines like Google take into consideration whether your site is secure or not as part of the algorithm and will position your site accordingly (not secure means lower rankings).
What you need is a SSL (secure socket layer) certificate and you get this from your hosting company.
Most hosting companies do not include this in your hosting costs so it’s an add-on expense that can cost you a couple of hundred Euros a year extra.
However, there is an organisation called Let’s Encrypt which believes that encryption should be free and they offer free SSL certificates to website owners. Not all hosting companies offer this free service which makes it difficult to implement the SSL on your website.
If your current host doesn’t offer Let’s Encrypt SSL certification then you have two choices:
- Pay for a SSL certificate from your hosting
- Move your website to a hosting company that includes Let’s Encrypt as part of their standard hosting packages.
Rather than pay for individual SSL certificates on my websites, I decided to move my hosting to a company that offered Let’s Encrypt as part of its packages. I was surprised to find that many big companies including HostGator (this was my previous host and I would not recommend it) do not offer this free SSL service.
I moved my websites to Hawk Host because they offered a generous package with Let’s Encrypt included. I’ve been happy with my decision since May 2017!
If you don’t already have a website then you need to make sure you have SSL as part of your hosting. This will save you the headache of transferring to a new host. I offer advice and guidance in all of my web design packages to make sure you have a secure website from the outset. Contact me for further information.