Have you ever wondered why some website URLs begin with https and others with http? Why is there lock/ padlock icon before the URLs of some websites?
The padlock icon and the ‘s’ in the ‘https’ in the address bar indicate that the website is secure, and is using a protected and encrypted connection. Such encryption and security are configured to the website using an SSL Certificate.
What is an SSL Certificate?
SSL stands for Secure Sockets Layer, and it is the security protocol that establishes an encrypted and secure communication link between a web browser and a web server.
To create an SSL connection and activate it on your web server, you need a certificate, called SSL Certificate.
When installed on a web server, SSL Certificate activates a secure padlock and https protocol, allowing end-users to securely submit sensitive information like their credit card details, banking details, personal details and more to a merchant’s website.
Used by millions of online businesses and individuals, SSL reduces the risk of confidential information from getting into the hands of hackers and thieves. In simple words, SSL security enables safe communication between two intended parties.
The web has been inching closer to a completely encrypted browsing experience with an SSL for last few years. As per a report by Mozilla, more than half of the websites on the web utilize an SSL Certificate to encrypt the traffic.
In our last blog about SSL Certificate (Top 10 reliable SSL Certificate Providers in 2018), we explained what is an SSL Certificate, how to know if a website is secure, what are wildcard SSL Certificates, how does an SSL work, factors to consider before buying an SSL Certificate, as well as where to buy an SSL Certificate from.
However, one question that remained unanswered in that blog was “Does every website need an SSL Certificate?” We have covered this question in this blog—which websites need SSL Certificate and which do not.
Do I need an SSL certificate for my e-commerce website?
An SSL Certificate is a must for every e-commerce website, even if the customers don’t pay online or don’t share their banking/digital wallet details. Why? There can be three customer cases while purchasing things from an e-commerce site.
First, the customer doesn’t pay online for a service or product. For example, if someone purchases a book from an online store and chooses cash as delivery option on checkout. However, the user needs to sign up for that site, and submit his contact details, which are supposed to be kept private in all cases.
Many of our SSL customers ask us – Do I need an SSL certificate with PayPal? So, read on to know the answer if you too have the same query.
Second, you use third-party payment gateways like Paytm or PayPal, and all the sensitive data is being processed at the website of the gateway. For example, when a customer purchases items from a website, and you direct them to PayPal for transaction. In this case, PayPal will contact the bank and complete the transaction.
Here, your website doesn’t keep the information, and there are no chances of it getting leaked. But if you are capturing even the slightest information, like name, phone number, address, or email address, your customers won’t want it leaked.
Third, you accept the sensitive information like credit card details on your website first, and then send it to third-party gateways. In this case, you need to encrypt all the customer information: when they submit it to your site, and further when you submit it to a third-party processor.
Suggested reading: How to install Let’s Encrypt SSL certificate on your WordPress website?
So, if you have an ecommerce website, it’s recommended that you install an SSL certificate on it.
Does my website need an SSL certificate if users submit information via forms?
Not all the websites collect money or credit card information online. Some websites collect information by asking customers to submit a contact form or login form. For example, some sites ask for basic details like name, address, phone number, email address, etc. to allow a user to download some informational PDF or to watch videos.
Such websites also need an SSL Certificate to protect the information of users or clients. Your users feel confident when they see a padlock icon or https in the URL bar. So, it’s a matter of their trust.
Do I need an SSL certificate for my blog?
Do I need an SSL certificate for WordPress blog? This is another question that our SSL team frequently comes across, so answering it here.
If your website is only a blog, with no products or memberships, and doesn’t even ask for any kind of information, then you don’t need an SSL Certificate.
However, an SSL Certificate can help you increase the traffic. You can read this blog to know how Google ranks websites with SSL certificates, higher in the search results.
Now that you’ve learnt what an SSL Certificate is, and whether your website needs it or not, it’s the time you decide which SSL certificate you need and buy an SSL certificate for your website.
For quick overview of this article, watch the video below:
If you have any query regarding SSL Certificates, let us know in the comments section.