Why you need an SSL certificate for your website
Do you need SSL for SEO?
Written by Nadin Thomson
Why do you need an SSL certificate?
An SSL certificate is an important requirement for your website to be taken seriously by Google. Your Search Engine Rankings are affected if you don’t use a secure connection on your website. Furthermore, the user experience can be negative if your website is flagged up as insecure. An SSL certificate improves general website security and it’s also a ranking signal for Google.
It’s purely down to the website owner to look after SSL security and make sure they use a valid SSL certificate. Depending on your hosting provider, it can be super easy and free to have a secure website. If your domain and name servers point to your hosting provider, most hosting companies provide a free SSL certificate.
Once an SSL (sometimes also called a Wildcard SSL or Wildcard SSL certificate) is installed, your website’s address will change from http to https.
If you need to buy a certificate, you will need to have your domain validated with the certificate authority. They basically need to check to see if you are who you say you are. The only allow a certain number of email addresses to be used for domain validation.
SSL certificates can seem complicated and don’t get me wrong – they are! This is a very simplified guide about SSL certificates.
I have created a video explaining why your website needs an SSL certificate and the steps you can take to install one.
Once it’s installed, it’s another positive ranking factor for Google. It won’t have a direct immediate effect on your search engine results, but if your website uses https encryption (an https protocol), your website visitor and Google will trust your website is run by a professional business.
Therefore, SSL encryption is an SEO benefit which can improve your Google ranking / search ranking.
What is an SSL Certificate?
An SSL certificate is a bit of software that should to be installed on the web server where your website is hosted.
There are different reasons to have an SSL certificate for your website:
- You are letting your website visitors know you care about the data they send through your website. When someone fills in a contact form or buys products, they will enter their personal information such as their name, address and email address. When these details are then sent, they will be encrypted by this software so that their information isn’t compromised or stolen by hackers.
- This also makes your website more trustworthy to your website visitors.
- Google shows websites with an SSL certificate higher in the search results than those that don’t have one (especially in Google Chrome website are sometimes displayed as insecure of there’s no SSL certificate installed)..
There are two types of certificates:
- Free certificates
- Paid certificates (within those, there are different types again for different levels of encryption, but for this little guide, this simple distinction is enough).
How to use a free SSL certificate on your website?
Your web admin can install a free certificate if the name servers of your domain name point to your web hosting. However, the person installing the free certificate may still charge you an admin fee.
How can you find out if the name servers are pointing at your hosting company?
Watch the little video explaining how this is done.
- Open www.whois.com
- Enter your domain into the search field in the top right and click Enter on your keyboard or the search button.
- Under Name Servers, you will see where the name servers point to.
- For example, you registered your domain name with 123-Reg.
- If your web hosting is at Heart Internet and if your name servers point to Heart Internet, then the name servers would be called ns.mainnameserver.com and ns2.mainnameserver.com
- In my example (see video), the name servers are with 123-Reg
- This means, my name servers do not point to the hosting company, and I need to buy a certificate.
Paid SSL certificates for your website
If your name servers are not with the hosting company, then you will need to buy a certificate. They normally cost approximately £50 per year.
If you need to buy a certificate, you will need to have an admin email address setup so that the certificate issuing authority can send the confirmation email to the company who owns the domain name. This is mandatory and you cannot use an existing e-mail address.
One of the following email addresses need to be set up to receive the confirmation email. Make sure this is setup before you buy the certificate. You will only need one of those email addresses.
- If you use POP3 or IMAP email addresses, you can easily set up a new address.
- If you use MS365 or G-Suite email addresses, you can easily set up an Alias which is then forwarded to your main email address.
You do not need to buy an additional email address to receive this confirmation email. An alias is sufficient.
Select one of the following email addresses so you can receive the confirmation e-mail:
- admin@[your domain]
- administrator@[your domain]
- hostmaster@[your domain]
- postmaster@[your domain]
- webmaster@[your domain]
What happens after you bought an SSL certificate from your web hosting provider?
After you bought the SSL certificate (usually from the same company where your website is hosted – this is by far the easiest way!), usually after 10 minutes, you will receive an e-mail which contains a confirmation link. Click this link and confirm that you are the legal owner of the domain name. Sometimes, there are additional instructions in the e-mail. In this case, forward this e-mail to your web designer or hosting company and ask them to do the required steps.
Afte this, the web hosting company will usually do the rest and install the certificate for you. This can take anything between an hour and a day, depending on their response times. Your website will then be an https website rather than just an http website.
When an SSL certificate is correctly applied to your website, your web address will change from http:// to https:// and it will show a padlock beside your domain name in the browser’s address bar.
After that, it usually takes another half an hour for it to work properly. Make sure that any hard-coded http references are amended to point to https://, for example image files, CSS files, links to downloadable files.
Don’t delete the e-mail address / Alias you have set up, as you will need it again next year.
Nadin Thomson started developing websites in 1999 as a hobby and started her business as a web developer in 2004. She has 18+ years of experience in helping businesses of all sizes to create an online presence and improve their website. She's also worked as a photographer in Scotland for 15+ years. The majority of her customers found Nadin through Google as she's continually optimised her website for SEO.
Nadin Thomson has a University Business degree and a Postgraduate Diploma in Digital Marketing.