Security is a big deal. And lack of it, whether truly or perceived makes most of us pretty anxious.
That's why we want our website visitors and customers to feel “secure” when they are interacting on our sites and purchasing our products and services.
Google has been saying for several months now that you need to install security certificates on your sites, and that if you don't they will let visitors know that your site is “not secure.” I've already seen such warnings in the Safari browser.
Gizmodo says: “Chrome already marks websites not using HTTPS as “Not secure” if they ask for credit card or password details. As of October (2017), Chrome will mark non-HTTPS websites as “Not secure” as soon as you start to type anything into the page.”
Google's developer blog is also saying that “Eventually, Chrome will show a Not Secure warning for all pages served over HTTP, regardless of whether or not the page contains sensitive input fields.”
What Does That Mean in Plain English?
- If you don't have a security certificate installed on your site, future visitors will get a warning that your site is “not secure.”
- This will not keep them from the site, but many may not want to visit after seeing the warning and may go elsewhere.
- It will not keep them from the content, but will slow them down in reaching it, which could also cost you traffic.
- This will apply to all websites, not just those with subscriber or purchase forms.
And this is why you should plan to migrate your site to use HTTPS for all pages, and soon.
How to Install an SSL Certificate on a WordPress Site
- Before you make any changes, back up your site. You can use the free plugin UpdraftPlus to back up your site if you don’t already have it.
- Find out if your web host has a free SSL certificate you can use. If they do, see if they’ll install it for you.
- Once the free certificate is installed, install the free plugin called Really Simple SSL. Once activated, this plugin will make your entire site secure.
Many web hosts, like MomWebs, will offer a free SSL certificate. If your web host doesn’t offer a free SSL certificate, see how much they charge. If it’s reasonable to you, purchase it and have your web host install it. It's a lot of work to install an SSL certificate. Once they finish installing their own certificate, you’ll still need the Really Simple SSL plugin from step 3 above.
If Your Host Doesn't Offer Certificates or Theirs are Too Expensive…
- If your web host fee for the SSL certificate is too expensive, see if they’ll install third-party SSL certificates. Many web hosts work with NameCheap, which offers SSL certificates for $9 each year.
- Cheap certificates come at a price as you have to configure the certificate with NameCheap, and make a couple of changes to your cPanel before your web host can install it. Namecheap has free support to talk you through the process, but it takes time to go through those steps.
- Once you’ve completed the steps to get your SSL certificate, you’ll need to email the certificate to your web host and then your web host has to install it.
- Once they’ve installed it, you’ll need the Really Simple SSL plugin to active the certificate on your site.
- If you've purchased a certificate, you want to auto renew your certificate so that you don’t run into issues later. Make sure you have the renewal date noted on your calendar in case your credit card number changes. Letting the certificate lapse or expire could create serious link breaking problems.
So, there you have it. Not nearly as big and scary sounding as you thought.
Every day in The Blog Connection we're tackling topics like this to make growing your business easier and less complicated. Join us today: https://handprintlegacy.com/connection