If you’re just a casual internet user, then you probably haven’t noticed how some websites start with “https://” while others just have “http://.” That “s” plays a large role in keeping your internet usage safe; that little letter prevents shady people from getting hold of your private information and your finances. That “s” means that the website is using Secure Socket Layer, or SSL.
SSL was first developed in 1995 by Netscape, and its purpose was to ensure the privacy of online users, and the authentication and integrity of data used in online communications. For those of you who are too young to remember, Netscape was one of the biggest tech companies in the 90s.
Why is SSL important?
First, you need to learn what could possibly happen when you visit an unsecure website.
When you fill out a form with all your information and you click on the send button, it could be intercepted by hackers. This is called a “man-in-the-middle” attack, and this could be done in several different ways.
For instance, a hacker can install a very small, nearly undetectable listening program in the website’s server. This program would wait until a visitor would start typing in his/her information into online forms. It would then capture that information and send it to the hacker.
The information captured could be anything from a person’s real address, bank account numbers, credit card information, and other important stuff. These kinds of online attacks can be nullified if the websites you visit use SSL.
Here’s how SSL works
When you open a website that uses SSL, it will form a connection/agreement with your web browser on how the two will encrypt and decrypt any information that you will be sharing. This connection is so secure that you and the website you visited are the only parties that can understand the information shared between the two of you.
If hackers do manage to intercept the information you shared, they will only get a bunch of garbled letters and symbols. The only parties that have access to the tools to de-crypt the information is the SSL-secured website and your browser.
If you want to make your own website secure, you need to get an SSL certificate. The good news is that it’s quite easy to do.
- Your website must have its own dedicated IP address. If your current webhosting plan does not include a dedicated IP, upgrade it so that it does.
- Purchase an SSL certificate. This is unlike the certificate that you are maybe thinking of right now. An SSL certificate is not a document, it’s, for a lack of a better term, a paragraph-long password. When someone visits your website, their browser checks its SSL certificate and verifies it with Certificate Authorities to ensure that it’s indeed your website.
- Activate the certificate. It’s better, and less of a hassle if you let your webhosting company do this for you. It just takes one to two days, so you might as well wait.
- Install the certificate. Again, it’s best to let your webhost do this step for you.
- Update your site to use SSL. The SSL certificate is already activated so the only thing that you need to do right now is to figure out on which pages of your site it’s needed. Typically, you should only put SSL security on the login page and on the pages where your guests need to fill in forms. Putting SSL on every page will make your website load slowly.
Congratulations! Your website is now secure, and your regular visitors can now rest easy in the knowledge that their information is in safe hands.