Yes, we hate alarmist headlines as much as you do – but in this case, it’s actually true.   In September, Google stepped up its war on unencrypted websites, which means sites that don’t have SSL security certificates installed.  You’ll know if you do because your website address will start with https:// instead of http://, and show a little green padlock icon in the browser to tell visitors it’s secured.

 

Secured by SSL

Secure

Not secured

Insecure

An SSL certificate encrypts traffic between the user and the website, so it’s critical for online payments and highly recommended for any website with online forms accepting any kind of personal details.  It also contains identification information about the website owners, and so inspires trust in your site (and helps combat fraudulent use of the web).

Use of SSL can also bring significant improvements in how fast your website loads, because it allows you to use the new HTTP/2 protocol for delivering your webpages (tested to improve load times by 17%).

Google is making efforts to encourage widespread use of SSL across the web, and has already begun to offer (slightly, for now) better search engine rankings for sites that are secure.  As of January 2017, when the latest version of Chrome is released, it will start to warn users when they are accessing an insecure website.

At first, this will apply to any website that allows users to enter passwords, but will eventually be rolled out to all websites.

Google's insecure warning

If your site is still insecure, we recommend you take steps to install a SSL certificate before Google launches Chrome 56.  Even if you won’t suffer the insecure labelling at first, it does lie ahead.

How to install an SSL certificate

SSL certificates are digital signatures that need to be prepared and installed on your website.  Some SSL certificates are free;  others cost an annual fee (more expensive ones offering greater security and insurance, and perhaps covering multiple websites).

If your site is hosted at our recommended host, WPEngine

Free certificates are available so no annual fees;  installation requires 30 mins of our time to install the certificate, update WordPress settings, update links in your database and test.

If your site is hosted at another host, arranged by us

Ask us and we’ll discuss the options with you.

If another agency or developer manages your website

Please consult them in the first instance

If you arrange for your own hosting directly

Ask your host if they can install an SSL certificate for you and what the costs are.  (If it’s Tsohost, for example, certificates start at £49.99/yr and should be ordered by opening a support ticket with them.)

If you’d like a hand with anything, please let us know.  Contact us at help@squareeye.com or by using the form below.

Contact us

11 + 12 =