Learn how to improve your website’s Google ranking and reassure your customers about your website’s security.
Savvy website owners are realizing the benefits of converting their websites to use SSL/TLS encryption*. This is the technology that displays the familiar little padlock icon in the browser (or URL bar), showng that the connection is secure. For years, this has been a requirement for any websites that collect sensitive information like credit card numbers. People know to look for that padlock.
Today, as concerns about internet security and information protection make headlines in the news, there are three powerful reasons that website encryption makes sense for all websites:
1. Improved customer confidence. Your customers are more likely to do business from an encrypted site for 3 reasons:
- They can be assured that the data received from the site has not been compromised.
- They know that any information that they send to the site is safe.
- They can easily confirm who owns the site that they’re viewing.
2. Better search engine rankings. Google recognizes sites that are fully encrypted and considers it a positive signal for search engine ranking. For now, it’s a small additional advantage, and Google has put its considerable weight behind the concept of ‘secure by default.’
3. Faster connections to your site. Faster connection speeds are coming soon with the adoption of HTTP/2. Modern browsers will only use these faster connections on a secure site. And site loading time is another strong signal for Google rankings.
As you move around the Internet, take a look at how many sites are now ‘secure by default.’ The giants like Google, Facebook, Yahoo, LinkedIn and Microsoft all use SSL/TLS. And as the public has become aware of the risk of intercepted communications, adoption is also growing among smaller sites. In the past, most small businesses addressed website security by trying to fly “under the radar”, counting on their small size to keep them safe. Today, the cost of implementing true encryption and authentication is extremely low and there’s no reason not to enjoy its benefits.
The safe and smart choice for your business and your customers.
Webdancers can add SSL/TLS security to your website quickly and easily. There are three steps and we take care of all of them:
- Purchase an SSL/TLS Certificate. These are issued by a Certificate Authority, who verifies that the certificate purchaser is also the owner of the website. There is also a higher level certificate which verifies the authenticity of the business itself. New: websites hosted by Webdancers can obtain certificates from LetsEncrypt at no charge!**
- Configure the website to use the certificate. This includes making changes on the web server and changing all site links from http:// to https://. A website badge is added to remind visitors they are on a secure site.
- Update all links to reflect the new security. The outside world, and especially Google, must be informed of the change. All links are automatically redirected from their http:// versions to https://. Google is informed of new addresses through their Search Console tool. Google’s recommended practice for changing addresses is used to preserve all existing search engine rankings.
Frequently Asked Questions
Does a secure site load more slowly?
Barely. Each server request takes a little more time when using SSL/TLS, about 1-2%. This used to be more noticeable on older computers and servers. Most site visitors will see no difference at all, aside from the trustworthy little padlock icon.
Why encrypt the entire site? Why not just the pages that collect sensitive information?
- Encrypting only certain pages can be confusing to visitors, who may not understand why some pages are secure while others aren’t, and it may raise concerns about the overall security of your site.
- A fully secure site makes it nearly impossible for bad actors to impersonate your site or shady advertisers to insert ads into your visitor’s connection while they’re visiting your site (a particular problem at hotel and public hotspots).
- It’s technically easier to encrypt everything and it requires less ongoing administration.
Will anything stop working?
Some ad networks and content providers don’t provide their embedded content over a secure connection. This can result in “mixed content” messages that make your website look insecure. These may need to be addressed on a case-by-case basis.
Do I need SSL/TLS if all of my products are sold using PayPal “Buy Now” Buttons?
Technically, no, since the entire transaction takes place on PayPal’s servers. But do your customers recognize this? They will feel safer buying from a site on which the secure padlock icon is always visible.
Will my customers see the change?
The transition to a secure site is seamless from the customer’s viewpoint. What they will see is the reassuring little padlock on the browser bar. We can also add a certificate “badge” that displays verification information about the site when clicked. Plus, we strongly encourage our clients to announce the change, because it will impress their customers and strengthen their relationship.
What does it cost?
Websites hosted by Webdancers can obtain certificates from LetsEncrypt at no charge!** Commercial certificates are $20 per year for domain authentication only. Domain and business authentication is $50 per year. The encryption (security) function is identical for all certificates.
For sites hosted by Webdancers and using commercial certificates, there is a $6 per month charge for a dedicated IP address. This is necessary to support older browsers (e.g. anything running on Windows XP), which would otherwise be unable to access your site. If this is not a concern to you, this fee can be waived.
There is a one-time setup fee to make the necessary changes and updates to a site of $150 for WordPress sites hosted by Webdancers. Sites on other platforms and web hosts will be quoted individually.
What Next?
Show your customers that you care about their safety and security while preparing your site for the future. It will be a powerful marketing tool, and give you a valuable service to share with them once the change is completed.
*TLS (Transport Layer Security) has replaced SSL (Secure Sockets Layer), however the two terms are used interchangeably.
**Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt serves as a platform for advancing TLS security best practices. As such, it does not allow connections from older browsers that do not support current encryption standards. If your website needs to support browsers on the Windows XP platform, you must purchase a commercial certificate and use a dedicated IP address.