An SSL Certificate does not secure your site!

Say WHAT? You read that right. An SSL Certificate does not secure your site. This is a common misconception that needs to be cleared up.

What is an SSL certificate?

SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser.

What does that mean?

Basically, an SSL (Secure Sockets Layer) encrypts the connection between your computer and the website server. A website that uses this protocol protects data from being stolen while it’s in transmission between the user and the host server. When you enter your credit card information into a website, or submit any form, the SSL certificate encrypts that data while it’s in transmission. That’s what an SSL does.

Doesn’t that mean my website is secure?

Nope. That means your data is secure, not your website.

What’s the difference?

The difference is that an SSL certificate will not stop someone from  hacking into your website. It won’t thwart hacking attempts. It doesn’t help with brute force attacks. Once someone is in, it won’t stop them from completely ruining your site. It doesn’t secure your site at all. It just protect data from being poached in transmission.

Why would I need an SSL certificate if it doesn’t secure my site?

Good question! I have a few good reasons for this.

1. If you collect any kind of personal data – such as name, email, phone number, having an SSL certificate will protect that data during transmission. People like knowing their information is secure, and you are more likely to get contacts when they know their information is secure.
2. Google now uses SSL as a ranking factor. It’s true. It’s not a major boost, but every little bit helps. I watched the news when this rolled out last year, and decided it was worth the cost to try it out. I think my clients like knowing their information is secure as well.
3. It’s pretty cheap to do. You can get a domain validated SSL for as little as $10 per year (if you can install it yourself).

How do I know if a website is using SSL encryption? 

First, instead of using http:// in the URL, it’ll have https:// instead and usually, it’ll be green with a padlock next to it. And, did you know you can click that padlock to get more information about that site’s SSL certificate? Go ahead, try mine out above.

Need help getting your SSL certificate installed? We can do it! Contact us today for more information.