Have you ever noticed that some URLs start with “http://” while others start with “https://”? Perhaps you noticed that extra “s” when you were browsing websites that require giving over sensitive information, like when you were paying bills online.
But where’d that extra “s” come from, and what does it mean?
To put it simply, the extra “s” means your connection to that website is secure and encrypted any data you enter is safely shared with that website. The technology that powers that little “s” is called SSL, which stands for Secure Sockets Layer.
What is SSL?
First, let’s start with a definition from SSL.com:
SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remain private.”
Let’s break that down.
When you land on a website page that has a form, after that form is filled-in and you hit ‘submit’, the information you just entered can be intercepted by a hacker on an unsecure website.
This information could be anything from details on a bank transaction, to high-level information you enter to register for an offer. In hacker lingo, this “interception” is often referred to as a “man-in-the-middle attack.” The actual attack can happen in a number of ways, but one of the most common is this: A hacker places a small, undetected listening program on the server hosting a website. That program waits in the background until a visitor starts typing information on the website, and it will activate to start capturing the information and then send it back to the hacker. Scary stuff that is no longer just is sci-fi movies.
But when you visit a website that’s encrypted with SSL, your browser will form a connection with the webserver, look at the SSL certificate, and then bind together your browser and the server. This binding connection is secure so that no one besides you and the website you’re submitting the information to can see or access what you type into your browser.
This connection happens instantly, and in fact many suggest is now faster than connecting to an unsecure website. You simply have to visit a website with SSL, and voila: Your connection will automatically be secured.
Is SSL good for SEO?
Yes. While the primary purpose of SSL is securing information between the visitor and your website, there are benefits for SEO as well. According to Google Webmaster Trends Analysts Zineb Ait Bahajji, SSL is now part of Google’s search ranking algorithm:
Over the past few months we’ve been running tests taking into account whether sites use secure, encrypted connections as a signal in our search ranking algorithms. We’ve seen positive results, so we’re starting to use HTTPS as a ranking signal.”
In addition, Google has publicly stated that two websites which are otherwise equal in search results, if one has SSL enabled it may receive a slightly rank boost to outweigh the other. As a result, there is a clear SEO benefit to enabling-SSL on your website, and across all your content.
How can I tell if my website has SSL?
When you visit a website with SSL, there are a few distinct differences that display within the browser.
1) The URL says “https://” and not “http://”.
2) You’ll see a little padlock icon in the URL bar.
It’ll show up either on the left- or right-hand side of the URL bar, depending on your browser. You can click on the padlock to read more information about the website and the company that provided the certificate.
3) The certificate is valid.
Even if a website has the “https://” and a padlock, the certificate could still be expired — meaning your connection wouldn’t be secure. In most cases, a site that displays as https will be secure, but if you encounter a site that asks for a lot of personal information it may be worth double-checking to be sure the certificate is valid.
How can I get an SSL certificate for my website?
The cost of SSL certificates vary, but you can get a free certificate or pay a few hundred rand per month to obtain a custom certificate. Clickatech offers free certificates via the Let’s Encrypt movement to all customers that host with us.