You may have already noticed that some URLs start with “http: //” and others with “https: //”. This “s” indicates that your connection to this web page is encrypted so that your data cannot be intercepted. The technology behind this “s” is called SSL for Secure Sockets Layer.
What is SSL?
SSL, for Secure Sockets Layer, is the standard technology for encrypted links between web servers and browsers. This type of link guarantees the confidentiality of data exchanges between web servers and browsers.
As of January 2017, all web pages without an SSL certificate are flagged by Google Chrome as unsecured if they contain a form. This practice has extended to all web pages without SSL certificate visited in private browsing.
Google’s goal in the long term is to serve all web pages over the “https” protocol. According to a study by HubSpot, 82% of respondents leave a website if they see the “Unsecured” alert.
When you enter information on an unsecured web page, it can easily be intercepted and stolen by a hacker or malware.
This information is for example information on a bank transaction or that you enter to take advantage of an online offer. In hackers’ lingo, this interception is often called a middle man attack. The attack itself can take many forms, but most of the time it goes like this: a hacker places an undetectable listener on a server hosting a website. When a visitor enters information on this site, the program activates and intercepts it to send it to the hacker.
However, if you visit a website encrypted with the SSL protocol, your browser will first authenticate its SSL certificate before establishing a secure connection with the hosting server. This type of connection ensures that no one other than you and the website to which you send information can see or access what you type in your browser.
The implementation of the SSL protocol is triggered instantly and without any intervention on your part. Just visit a site using it and your connection will be automatically secure.
SSL and SEO
The main objective of SSL is to secure information between the visitor and your website, but it nevertheless has advantages for SEO.
According to a Google analyst, the use of SSL has now considered a factor of referencing by the search engine:
“Over the past few months, we have carried out tests by considering the use of secure and encrypted connections as an integral part of our algorithms. We were able to observe positive results and therefore started to use SSL as a referencing factor. ”
How to verify that a site has an SSL certificate
When you visit a secure website with SSL, several differences are visible in the browser.
The URL begins with “https: //” and not “http: //”
The use of the HTTPS protocol is visible in the browser’s address bar:
dmtwebhosting.com site with https
- A padlock is displayed in the browser’s address bar
- It appears either to the left or to the right of the address bar, depending on the browser you are using. You can click on it to find out more about the website and the company that provided the certificate.
- The certificate is valid
- Even if a website URL begins with “https: //” and a padlock is displayed, the certificate may have expired. This would mean that your connection would no longer be protected.
To find out if the certificate is valid:
- Right-click on the page and select Inspect.
- In the window that appears on the right of your screen, click on the Security tab and then on the View certificate button.
- A pop-up window with the mention Expires appears and if the date indicated has passed, the certificate has expired.
How to install an SSL certificate?
- Determine which pages and domains to protect
- Apply for a certificate (CSR)
- Order the certificate
- Download and install the certificate on your server
- When you are looking for an SSL certificate for your website, the first thing to do is to determine the type of certificate you need.
First, determine the number of certificates required and the areas to be protected. For example, you may want to protect your blog, website, and landing pages. In this case, depending on the configuration of each, it may be necessary to purchase a specific type of certificate from authorities such as GeoTrust.
Another important aspect is the period of validity of the certificate. By default, most SSL certificates have a validity period of one to two years. However, more advanced certificates offering longer validity periods exist.
Valid SSL certificates are taken into account by search engine referencing algorithms, so if your certificate is not renewed or if your website is still based on the HTTP standard, your position in search engines may deteriorate.
About the author
DMTwebhosting.com’s Editorial Team prides itself on bringing you the latest web hosting news and the best web hosting articles!
You could also link to the news and articles sections: