“Everything Changes” ~ Heraclitus
Technology change is decidedly a constant in our lives. Evolution of best practices to maintain a secure and well ranking website are also a way of life.
A very important and relatively new best practice has evolved to a requirement over the past year.
SSL (Secure Socket Layer) is nothing new.
However, the need to implement it on every website aspiring to be seen as a legitimate player on the WWW and secure from increasing threat from hackers IS a relatively new thing.
Google made it clear a few years ago that the search ranking potential of every site would affected by whether or not SSL has been implemented. That enhancement has now become accepted as a ‘must-have’ to ensure security as well as best potential for search rank. The lack of SSL is not only negatively affecting rank, sites are being penalized for not having SSL.
Please read on through this Part 1 post to understand why you need SSL for your site now. Part II will follow shorty, clarifying why SSL certificates are not created equally. A little extra education and points of caution before you buy or settle for your free or suspiciously cheap SSL. At the end of the day, “You get what you pay for” definitely holds true here.
It is important be aware of and follow best practices as much as possible in the pursuit of securely maintaining and growing the internet hub for your business. As the #1 search engine, most changes in this arena are unquestionably lead by Google. Many site security maintenance best practices depend on the components of a particular site build. For example; updating plugins regularly and having a secure, reliable backup are two universally critical practices for any WordPress site owner.
Few changes in past years have been as universal as this recent one driven by Google.
What is SSL (Secure Sockets Layer)
“a standard security protocol for establishing encrypted links between a web server and a browser in an online communication.” It authenticates identity and encrypts communication between any two systems.
SSL is standard for any site sharing sensitive information or doing Ecommerce but until this year would have been considered overkill for your average business blog, brochure or information only site. Now thanks to Google making it a higher priority than in the past, it is a unofficially a requirement to avoid users being blocked from seeing your site or receiving a “this site is not secure” type of warning when they arrive.
SSL is a good thing
Increased security on the web is good!. The difference is that this has fast become the new price of admission if you intend to participate legitimately on the web.
You may be familiar with seeing https:// as a prefix for many sites you visit. It is an indication of SSL in action. You may have also noticed it showing up more and more on just about every site.
Google has driven this change to require SSL, which effectively ups the ante for the basic investment required to exist professionally on the internet. Without SSL sites are gradually beginning to resolve to this common warning when new users arrive.
Not all SSL are created equal.
Be wary of free, or bargain basement or free SSL certificates. Like most things you get what you pay for. Educate yourself before you decide what to buy.
The proper implementation of SSL has many variables, from the legitimacy and effectiveness of the SSL certificate itself to the very real potential to be ineffective, create gaps where the certificate is down temporarily and your rank takes a hit, or worse. We have witnessed ‘free’ host implementations actually break some sites and/or significantly adversely affect their existing rank.
Boost has been working with existing clients to educate them on the best practices and risks involved and to update sites properly safely and effectively attending to all of the best practices within this best practice to maximize current and future site and ranking health.