Add another layer of website security with SSL/TLS encryption

Install SSL certificat

Any savvy web shopper will know to look out for the encryption symbol when buying on the web. It’s the little padlock that signals that a website is safe to use. Using SSL/TLS Protocol encryption means that no ‘man in the middle attacks’ can steal sensitive information like your credit card details.

You can secure your website too. The process is easier than it has ever been before, has lower costs to implement and can often even be free. Web sites secured with SSL will need to have installed an SSL certificate.

I have been encrypting my websites for several years now after SSL became a factor in the Google ranking signal announced in 2014. But this was just the push I needed because it makes sense to secure all data with SSL. Not only is any data secured but the encryption is a symbol of trust.

SSL or TLS

One thing that can be confusing when you first start looking into SSL encryption is the difference between the terms TSL and SSL.

TLS – Transport Layout Security
This supersedes SSL as a technology and may be used as an underlying technology for SSL services. This provides the secure communications on the Internet for e-mail and other data transfers.

SSL – Secure Sockets Layer. the standard security technology for establishing an encrypted link between a web server and a browser.
This is a term often used to group both SSL and TLS technologies for ease of reference.

Web managers now have options

Previously the complexity and cost of an SSL certificate were a barrier to providing this layer of security. More recently many companies have pledged to secure their websites with SSL now this is more accessible to all. With Google pushing the benefits off SSL many social media sites have followed too.

Web site managers now have options, they can obtain and install the certificate themselves on their web server, they can ask their host to do this (or another web professional) additionally, they can use a third party service.

SSL from the host

One option to get your website secured with SSL is to ask your host to acquire and install this for you. Many hosts will do this although usually for a cost so would be worth looking into before choosing a host if you expect to need this service in the future.

This was the option I initially always took as the process was new to me and I wanted my website to have the best security it could have. It can be a good option for busy web professionals and business owners.

Do it yourself SSL

It is also possible to install the SSL certificate yourself. This can be a complex process and has several steps including choosing a certificate authority to supply the SSL, generating a certificate and installing this on the web server.

This guide from digital ocean covers the process with the popular domain name registrar godaddy.com.

Using a third party SSL service

There are now services available that make the SSL process easy. Two high-quality free services are Cloud Flare and Let’s Encrypt. These are services I use myself as they are free to use, easy to get started and have added performance boosting benefits in areas like security and optimization to name a few.

Cloud Flare – Get Started

cloudflare

Plans start for free for those who just want to secure a personal blog or other small personal websites, also with various paid plans also available for business and enterprise level.

CloudFlare guides you through the process and I find is especially easy to use as you will be helped with SSL configuration and optimization and don’t have to worry about expiring certificates.

I really like the fact that each page my visitors visit renders as fast and efficiently as possible due to performance boosting features.

These include a content delivery network designed to bring your content closer to your users. Also included are several optimization features like auto caching to lower the load on your server. Another optimization feature is auto minify saving up to 20% load time by automatically minifying your CSS and Javascript files.

A word of caution when updating your website with auto caching you will need to disable Cloud Flare to see the results as the caching limits how frequently visitors can see changes to core files like CSS and HTML modifications.

Let’s Encrypt – Get started lets encrypt logo

Let’s Encrypt is a free, automated, and open Certificate Authority this service offers only free plans and had provided more that 10 million of these. It is a service that is supported by Mozilla.

There are not quite as many benefits as Cloud Flare however, it is a more singular focused service with the security of your website at the heart of its services. One benefit with Let’s Encrypt is automatic renewals of the SSL certificate.

Let’s Encrypt is a community-run service built on transparent and cooperative principles and compares this approach to the SSL/TSL protocols themselves.