Do you need SSL?
If you plan to incorporate an online store with on-site payment facilities where you take credit cards, or use certain payment gateways, the answer is yes. If you want to add an extra layer of security to your site, for example to protect user passwords and prevent advert injections, the answer is yes. If you want extra brownie points from Google, the answer might also be yes, as they have said they slightly favour sites with https.
Until recently, website owners generally only used SSL – HTTPS if their site included an online store. As the encryption of communications adds an extra step before a webpage can be shown to a visitor, making the site slightly slower, many website owners were reluctant to use an SSL certificate unless necessary. These days, with the constant risk of hacking, more and more sites are starting to switch to using SSL, even if they don’t have ecommerce facilities.
How do I get https?
If you want your website to use https, it means you need to obtain a valid SSL certificate. The SSL certificate, which you may or may not have to pay for, then needs to be attached to your hosting. Some are now added in a one-click process, whereas some require a little more work. There are also different types of SSL Certificate, which we won’t go into here.
There are still several ways of obtaining and adding an SSL certificate to hosting, and the way to do it depends on your particular hosting company. So, for information on how to add an SSL Certificate to your hosting, speak with your hosting company. They’ll almost certainly have a step by step guide on what to do, and some will even install the certificate for you, if you ask nicely!
Free SSL Certificates!
Free, as in Free Beer. Unless you have a specific need due to your e-commerce partner, you can get SSL certificates for free. One way is to use “AutoSSL” which can be enabled by your hosting company, or which you can manage yourself through WHM if you have it. This provides your domain with an SSL certificate for 90 days. It is then renewed automatically every 90 days.
Similarly, you can also get a free SSL certificate from LetsEncrypt (https://letsencrypt.org/). Let’s Encrypt is global Certificate Authority (CA) which lets people and organizations around the world obtain, renew, and manage SSL/TLS certificates. These certificates can be used by websites to enable secure HTTPS connections. Let’s Encrypt offer Domain Validation (DV) certificates but not Organization Validation (OV), Extended Validation (EV), or wildcard certificates, because issueance for these certificates cannot be automated.