SSL certificates encrypt the data that passes between your website and its visitors (and enables you to use the “https” version of your website and adds the little padlock you see in the address bar of your browser). Where this was once a nice thing to have, it is now a must if you intend for your website to be competitive in search engines, like Google. The hosts below have SSL certs available, in many cases for free.
Table of Contents
Note: WHdb.com is funded with the help of our visitors. We receive a small commission fee when a user signs up for hosting at no additional cost to our visitors. All information on this website, including prices, is intended to be informational only.
How Much SSL Certificates Cost
SSL certificates can vary drastically in price depending on the type and scope of SSL you’re looking to add. Prices can range from $5 a year to $250 annually. However, it’s becoming common place for web hosts to offer SSL certs for free from providers like LetsEncrypt. If you’re on a hosting provider that charges for SSL, it is possible to add a certificate yourself – although that’s not recommended for beginners.
The largest factor in the pricing for an SSL certificate is the amount of coverage you’re looking for. If you’re adding it to a single domain, a simple SSL from your host or a free provider will suffice. If you need it to cover several subdomains as well, you’ll need a wildcard SSL certificate. This option is ideal for sites with client-facing portals like shopping carts, technical support, or forums. You can also install Multi-domain SSL certificates which can cover multiple domains – perfect for hosting accounts with multiple sites.
Why SSL Certificates Are Necessary
Websites can function without SSL certificates. That said,
there are two major reasons why you
should strongly consider adding them to your site:
- Browsers having started indicating whether or
not your website is using a secure connect via SSL (i.e. using an “https”
version). While the direct impact of https on search engine rankings is so far
minimal, seeing that your site can alarm some users and hurt traffic to your
site. - Companies that have leaked user information to
the public take a massive hit to their reputation – and sometimes they’re even
on the hook for damages from lawsuits. SSL is an additional layer of security
protecting people who visit your site.
SSL Or TLS
One thing that can be confusing when you first start looking into SSL encryption is the difference between the terms TSL and SSL.
- SSL – Secure Sockets Layer: The standard security technology for establishing an encrypted link between a web server and a browser. This is a term often used to group both SSL and TLS technologies for ease of reference.
- TLS – Transport Layout Security: This supersedes SSL as a technology and may be used as an underlying technology for SSL services. This provides the secure communications on the Internet for e-mail and other data transfers.
Web Managers Now Have Options For SSL
Previously, the complexity and cost of an SSL certificate were a barrier to providing this layer of security. More recently, many companies have pledged to secure their websites with SSL now that it is more accessible to all. With Google pushing the benefits of SSL, many social media sites have followed too.
Website managers now have options, they can obtain and install the certificate themselves on their web server, they can ask their host to do this (or another web professional), they can use a third party service.
Getting An SSL Cert From A Web Host
One option to get your website secured with SSL is to ask your host to acquire and install this for you. Most hosts provide this service, although sometimes for a cost. It would be worth looking into before choosing a host if you expect to need this service in the future.
This was the option I initially always took as the process was new to me, and I wanted my website to have the best security it could have. It can be a good option for busy web professionals and business owners.
Installing An SSL Cert Yourself
It is also possible to install the SSL certificate yourself. This can be a complex process and have several steps, including choosing a certificate authority to supply the SSL, generating a certificate, and installing this on the web server.
Sometimes, the SSL Cert can be conveniently installed via the cPanel of your hosting account. To do this, navigate to the SSL Certificates section of cPanel and look for the option to install it. This is also the section that can be used to find out if your host provides free SSL certificates (usually from LetsEncrypt). If this section or option is not available, you will likely need to follow a somewhat complex process of installing it using shell access to your account – and that access may or may not be permitted by your hosting.
Using A Third Party SSL Service
There are now services available that make the SSL process easy. Two high-quality free services are Cloudflare and Let’s Encrypt. These are services I use myself as they are free, easy to use, and have added performance boosting benefits in areas like security and optimization.
Cloud Flare – Get Started
Plans start for free for those who just want to secure a personal blog or other small websites, with various paid plans also available for business and enterprise level. Cloudflare guides you through the process, and I find is especially easy to use as you will be helped with SSL configuration and optimization and don’t have to worry about expiring certificates.
I also really like the fact that each page my visitors visit renders as fast and efficiently as possible due to performance boosting features. These include a content delivery network designed to bring your content closer to your users and several optimization features, like auto-caching to lower the load on your server and auto-minify to save up to 20% load time by automatically minifying your CSS and Javascript files.
A word of caution: when updating your website with auto-caching, you will need to disable Cloudflare to see the results. The caching limits how frequently visitors can see changes to core files like CSS and HTML modifications.
Something else worth noting: Cloudflare won’t encrypt the full pathway from your visitors’ browser to your servers. When you use Cloudflare, you point your domain to their servers, and they point their servers to your hosting provider’s server. If you do nothing else and only use Cloudflare, only the connection from the browser to Cloudflare’s servers will be secure.
For most small websites or blogs, this isn’t an issue. However, if you collect and process personal or financial data from your visitors, you will want to take measures to ensure that encryption protection is in place every step of the way for their data.
Let’s Encrypt – Get started
Let’s Encrypt is a free, automated, and open Certificate Authority. This service offers only free plans and have provided more that 10 million SSL certs since their inception. It is a service that is supported by Mozilla.
There are not quite as many benefits as Cloudflare, but it is a more singular focused service with the security of your website at the heart of its services. Let’s Encrypt automatically renews SSL certificates, is community-run service built on transparent and cooperative principles, and compares this approach to the SSL/TSL protocols themselves.
Are Free SSL Certificates Safe?
Yes! All SSL certs provide an additional layer of security
to your site and protection for your customers. While all SSL cert aren’t
created equal, depending on type and coverage, a single domain SSL certificate
that is free will provide the same benefits and safety as those that you pay
for.
With services like Cloudflare, it is even possible to add
free TLS encryption to your site. While SSL is the industry standard for encryption,
TLS, or transport layer security, represents the next step up.
How To Install A Free SSL Certificate
There are generally 3 ways to add a free SSL cert to your
website. The first is through the control panel for your account. Log into your
hosting account and navigate to your control panel (often labeled cPanel). Once
there, look for the section called “SSL Certificates” and click on it. In this
section you will be able to choose from a selection of SSL certificates (both
paid and free) and install them. At this point, installing the certificate is
just a matter of clicking a couple buttons.
Adding SSL through a service like CloudFlare can be a bit
more involved. Sometimes, you’ll be able to add this through your account’s
control panel with relative ease. If not, you’ll need to create an account with
CloudFlare (don’t worry, there’s a free level that’s suitable for most users).
Once you’ve done that, you’ll need to log into your domain registrar and point
the nameservers to CloudFlare. During this process, your site shouldn’t experience
any downtime.
It should be noted that CloudFlare technically doesn’t add a
full SSL connection between your visitors and your site, just between your visitors
and their servers. For most
businesses though – especially those with no online transactions – this is a
non-issue.
The final way of adding a free SSL certificate to your site is
to do it manually through accessing your server directly. This approach is not
recommended for beginners though.
The Best Free SSL Certificate Authorities
When it comes to free SSL certs, there is only one thing to
take into consideration: some certifying authorities only provide the initial
certificate for free. Once it expires and you must renew, you will have to pay
at that time.
While many web hosts do include free SSL as a
part of their hosting plans, some host do
not – and you might be surprised that this even includes some of the most
popular names in hosting. Always research a web host before making a decision.
