When you purchase a hosting package with NetNerd, you receive a free SSL certificate for each website. But what is an SSL certificate and why do you need one?
An SSL or Secure Sockets Layer is a digital certificate that creates an encryption to keep the website secure. An SSL certificate is also used to verify the identity of the site and confirm that it’s genuine.
Online fraud and cyber crime is a growing problem globally, so it is essential that businesses secure their website with an SSL certificate to protect their customers’ personal details and payment information.
How to determine whether your website is secure
It is easy to check whether your website is secure by making sure the website’s address begins with https:// and looking for the padlock symbol next to your website’s address in the browser. The padlock will be one of three colours:
- Green: A green padlock symbol indicates that the page is fully secure.
- Red: If your website displays a red padlock, it isn’t secure and you should arrange for one to be installed as a priority by contacting your hosting company.
- Amber: If your website displays an amber padlock, it is partially secure, however, there may be some issues such as images not going through a secure path that are creating a security risk. You should speak with your web developer to resolve this issue. Until the padlock is green, your website is open to online criminals that could exploit the gap in security to access data.
In 2014, Google began rewarding websites that were secured with an SSL certificate with slightly improved search engine rankings.
In 2018, browsers began to display an alert that websites weren’t secure when you attempt to access them. All websites, regardless of whether they requested personal information from visitors or not, are required to have an SSL certificate to prevent these warnings from appearing.
How does an SSL certificate work?
When a user accesses your website, the data is transferred between the server and their device. Without an SSL certificate, this data can be intercepted by third parties during the transfer. An SSL certificate changes the way the data is sent by encrypting it into a scramble of data that hackers are unable to read.
To unscramble the data, a request is sent from the browser to the server asking for verification of identity. The server sends its SSL certificate in response and once the browser has confirmed the information is correct, the secure session begins and the information is shared. This process takes milliseconds to complete.
If you want to examine the SSL certificate yourself to confirm whether a site is genuine, you can click on the padlock to view information including:
- The domain the certificate was issued to
- Details of the person, organisation, or device the certificate was issued to
- Who issued the SSL certificate
- The SSL certificate’s issue and expiry date