I'm sure over the course of your time poking around the expanse that is the internet, you've come across web pages with different URL beginnings. You've no doubt seen sites that start with the ol' familiar http://, while other sites start with https://. What's up with that? Simple: It indicates whether your site has SSL encryption or not.
What the hell is SSL?
That little extra 's' indicates that the web page has an SSL certificate enabled, which means the data is secure. The acronym SSL stands for Secure Sockets Layer. That means there's an encryption layer between the web server and a browser to keep the data protected from people it's not intended for. For a more robust definition check out the definition on SSL.com
So, Everett, you're telling me all I have to do is add an 's' at the beginning of my URL, like a 301 redirect and my pages will be super secure? Nope. It's not that easy. There's a whole process for updating your domain to become SSL enabled, which I'll be going over later in this post. First, though, before you make moves to go to https, you should probably look into if it's even worth it. (Spoiler alert: It is!)
I'm an SEO guy, and I'm telling you right here and now, the first reason why you should invest in SSL is to get the search ranking boost. That's right: in an attempt to make the internet a safer place, Google factors SSL into their ranking algorithm. If your site is not SSL enabled, you may not rank as well as your competitors because of it. There's no reason to let those organic visitors slip through your fingers.
At this point, if you don't have SSL, you're falling behind a good chunk of other sites. According to Moz, 32.5 percent of page-1 Google results are now SSL enabled. So if you want to rank for that ever-coveted first page, SSL can help you get there.
Cyber attacks and web security are a huge topic these days, especially with the latest DDOS attack last week. Obviously after hearing about an attack that shut down huge sites like Twitter, Amazon, Spotify, Netflix and others, consumers will be hesitant about where they put their information and which sites they go to.
As a consumer watching these sites go down for multiple hours, I hope you start to think about how much trust you put into certain sites. That leads me to my second reason: trust. We each have our favorite news sites, blogs, shopping sites and all that. But have you looked to see whether these sites are protected? You can see very easily on Google now if a site is SSL enabled or not.
To the left of the URL is where you'll find the pertinent info. As I mentioned earlier, you can look for the 's' in the beginning of the URL. Google also now includes a green lock next to 'https' and an information circle for those sites that are not SSL enabled.
SSL Enabled:
vs.
Not SSL Enabled:
Trust from your visitors should be a top priority for each and every company on the internet; making sure your website is SSL enabled is one important step to building that trust.
Less stress is the final reason to invest in SSL certification. As a digital company there's little worse than worrying about a potential security incident. It could happen at any minute, which is probably the most unnerving thing about it. As SSLshopper.com tells us, SSL provides not only protection for your sensitive info, but also privacy, critical security and data integrity for both your website's information and your users' personal information.
Having a secure site is something you don't think about until it's too late. Invest in SSL now so you don't have to worry.
So now that you know all about the reasons to invest in SSL, I'll walk through a simple version of how to start the process in HubSpot. If you're not on HubSpot, there are numerous other ways to begin to implement SSL. Here's a link that should set you up for success.
For all you HubSpot hooligans, the process isn't easy. It's not uber difficult but definitely requires some understanding of the domain encryption process. So we're just going to go through the very beginning stage here:
To begin the process navigate to Domain Manager through Content > Content Settings > Domain Manager of your HubSpot portal and click Enable SSL.
And it's just that easy...
Well, maybe not. It is that easy to acquire and enable an SSL certificate but that doesn't mean that your site is going to work flawlessly under SSL. There are a few things you'll need to consider. Any links to scripts that that aren't on https will be blocked which can break site functionality. Also, things like iframes and other embeds need to be served in a secure fashion, or they'll be blocked. You also need to make sure your CSS isn't referencing non-secure images or fonts. And then there's mixed content warnings. While these don't actually get "blocked," the SSL lock icon will show gray and warn the user on click that some elements on the page aren't secured. Most commonly this happens with images on the page that are referencing http vs https.
If you feel comfortable with the above, have at it. Otherwise feel free to contact us for help getting SSL up and running on your website today!
Once you get started, SSL will be on its way to your site and your visitors' search bars, helping everyone feel relieved.