If your website still shows a “Not Secure” message on the URL bar and Google continues to hide your link on page 100 in the search, listen up, you need to an SSL (security) certificate installed right away – even if you don’t sell anything on your site.

Google has stepped up the good fight against data theft and now requires all websites that exchange data to be secure (https) for the sake of website owners and visitors alike.

This is an example of a not secure page URL

 

What is SSL?

SSL stands for Secure Socket Layer, a security protocol that promotes encrypted communication between a web server and an Internet browser. Technical jargon apart, SSL certificates ensure that the information exchanged between web servers (the place where websites live) and browsers (the apps you use to navigate the Internet) are only available to the site and the user.

When you visit a secured website, the site sends the SSL certificate to your browser with a unique key to begin a secure session. This agreement allows secure transfer of information between the website you want to browse and the browser you use.

What’s in an SSL certificate?

I like to explain SSL certificates as an ID card. It confirms you’re visiting a legit website and not a scammy copy pig-banking on someone else’s success.

When you click on the SSL certificate icon, the closed padlock on the left to the address you’re visiting, you’ll see the break down of the certificate, including certificate holder’s name, serial number, expiration date, and the digital signature of the certificate-issuing authority.

Do I need an SSL certificate, or is it just an optional luxury?

Yes, you need it. In 2020, an SSL certificate is no longer a luxury; it’s an essential validation for any website.

Here are other important reasons why an SSL certificate is vital for your online business.

1. Active SSL certificates build trust. Customers are more likely to interact with your business when they have the peace of mind that their banking and personal information are safe.

2. SSL certificates are mandatory by Google. Websites without an active certification are flagged as “not secure” on the URL bar. There are talks through the grapevines that Google will soon start to block non-compliant websites altogether.

3. Sites with an HTTPS have a much higher search engine ranking. You could do everything right as far as SEO goes, but without an SSL certificate, your chances of ranking are slim to none.

Which SSL certificate is right for me?

There are three types of SSL certificates to choose from. When it comes to deciding on the right one, be mindful of the nature of your business and your audience.

(DV) Domain Validated Certificate – Checked against the domain registry to make sure you own your domain name. Usually free or cheap from your hosting company. For example, Let’s Encrypt.

(OV) Organization Validated Certificate – Checked by a real person against business registries. It includes some insurance cover in the event of online fraud or data theft.

(EV) Extended Validation Certificate – The most rigorous option. Details checks take place. It triggers the green business name bar and includes more insurance cover.

It’s worth noting that all three options offer the same level of encryption and work in the same way.

How do I switch from HTTP to HTTPS?

There are a few things that need to happen to transform your website from HTTP to HTTPS.

1. Find the right SSL for your website.
2. Install the certificate on your website.
3. Update the configuration of your site to point to HTTPS instead of HTTP.
4. Redirect all pages for your HTTP site to the location of the HTTPs one.
5. Re-verify ownership of your website in Google Search Console and update the sitemap location.
6. Update your web property’s configuration in Google Analytics.
7. Test and confirm that the conversion was successful.

How to install the free Let’s Encrypt SSL certificate.

The Let’s Encrypt is an open-source certificate project backed by big players like WordPress.com and Facebook. It is also supported by reputable hosting companies such as Bluehost, SiteGround, WPEngine, and others.

All this talk of encryption and certificates might sound daunting, but Let’s Encrypt makes it easy to install an SSL certificate in just a couple of clicks. Here’s what you need to know to do it yourself.

1. Activate Let’s Encrypt via your hosting control panel.
2. [WORDPRESS ONLY] Install and activate the Really Simple SSL plugin.
3. Update your properties in Google Analytics and Google Search Console.

FREE DOWNLOAD​

SEO Made Simple.

Download a copy of my SEO beginner’s reference guide and learn the key terms and strategies to build an SEO-friendly website and be found online.​