Did you ever notice those little lock icons that show up in browser address bars on some websites? That’s an indicator that the site is secured with an SSL Certificate and that any data submitted will be encrypted. This is a very good thing, of course, but traditionally you’d only find it on eCommerce sites or any site that required the transmission of sensitive data like credit card or social security numbers. That’s all changing very soon.
Google announce a while back that insecure sites would join non-responsive sites in getting dinged in search results and on July 23, Google is going to take another step toward favoring secure sites when the next version of Chrome is released. From that point on, users will see alerts for websites that are not secured with an SSL Certificate. Currently, secure sites are identified but sites without a certificate show virtually nothing except the site address.
Rather than rehashing a lot of available information, I’ll point you to a recent blog post by Cloudflare. You can even test your own site there to get a preview of what your visitors will see in the next release of Chrome. It’s a pretty quick read but the TL;DR version of it is that SSL Certificates are easy, free, and very much required these days even if you’re not selling anything on your site.
No big deal, you may still (incorrectly) be thinking, but anyone that hits the back button is a potentially lost client or customer. And that’s assuming they find you at all. This is such an easy thing to correct that ignoring it is going to leave you looking lazy. As an aside, this is a really good time to examine exactly what kind of value you’re getting from your current web host, as well. I’ll also take this opportunity to remind any of Adobe’s Business Catalyst customers that the clock is ticking.
So, what do you do if you don’t have an SSL certificate installed on your site?
The first thing I did, and recommend to anyone, was to contact my web host which WAS GoDaddy. Many of them will not only provide it for free, they’ll install it and make sure everything is working properly. I was rather disappointed in GoDaddy’s lack of free SSL certificates (they charge about $80/year) and had also grown rather tired of their slow Managed WordPress servers. There are varying levels of certificates but for an informational website such as the one you’re looking at now or my business site, even a free certificate from Let’s Encrypt will do the job. If you’re happy with your host and they can provide the certificates and get them set up for you, you can pretty much stop reading here and get started with them.
However, if you need some help…
I can save you a little bit of time and give you the result of my research which landed me at SiteGround for my sites (full disclosure: that’s an affiliate link). There are other quality hosting companies out there but I feel their pricing is more than reasonable, their servers are fast enough for small businesses (and blazing fast compared to GoDaddy’s Managed WordPress hosting), their support is outstanding, and they provide free Let’s Encrypt SSL Certificates. I chose the GoGeek plan for $11.95/month but they have plans as low as $3.95/month with an annual commitment). Check them out but by all means do your own homework to decide what’s best for you. I want to stress that these plans are for smaller sites that simply do not require dedicated servers, so please, if you’re going to comment on this post, keep that in mind.
Let me insert a bit of rant here. I have a year or so left on my GoDaddy hosting account. When I called to cancel it, I was told no refunds. Fair enough, but I couldn’t even get a credit for my other products there. I moved my sites, anyway, but suffice it to say, I’m not too happy with them.
So, have you already taken the required steps to add an SSL Certificate? If not, I strongly encourage you to get busy.
Finally, I know this kind of thing is not for everyone. If you’re concerned about your site, I’ll be happy to provide a brief, free consultation. You can reach me via the contact page or leave a comment if you have any questions.