DO I NEED AN SSL CERTIFICATE FOR MY WEBSITE?

DO I NEED AN SSL CERTIFICATE FOR MY WEBSITE?

Today inseparable from the digital landscape, SSL certificates are used to guarantee secure and encrypted information exchanges. They are also used to verify that you are connected to the desired service and not to a fraudulent clone. These are real credibility factors insofar as they will be considered a guarantee of security.

If you have a website that requires a secure connection, you may need to consider installing an SSL certificate to ensure the trust of all your visitors with the guarantee of confidentiality of information transfers.

In this article you will find answers to the most frequently asked questions about SSL

What is the difference between HTTP and HTTPS?

What is HTTP?

HTTP, stands for HyperText Transfer Protocol. it is a protocol intended to govern the transfer of shared files on the web. It tells web servers and browsers what actions they should take according to the different commands. In other words, entering a URL in your browser sends an HTTP command back to the web server asking it to find and display the requested page as defined.

However, the HTTP protocol quickly showed its limits. Network administrators had to develop a system to protect the flow of information threatened by hackers. This is the SSL certificate that encrypts online data. This is how HTTPS was born.

What is HTTPS?

This encryption procedure means that senders and recipients transmit a code. If someone tries to intercept the message, they will only find data that cannot be deciphered without this code. This is a document called an “SSL certificate” containing the keys to decrypt the message. Security during transfer is called Secure Sockets Layer (SSL) and Transport Layer Security (TLS).

HTTPS is therefore the use of HTTP coupled with a layer of security. Secure websites that want to protect a user’s connection by encrypting information can do so in 3 layers:

  • Encryption, to ensure that user activity has not been tracked and that none of their data can be stolen.
  • Data integrity, to prevent files from being corrupted during transfer.
  • Authentication to further strengthen protection against attacks.

Why switch my site to HTTPS?

We often wonder if implementing such a strict protocol could negatively affect our positions in the SERPs. In reality, it is completely the opposite. HTTPS is influencing rankings among the top results today.

Indeed, the leitmotif of Google offers its users relevant results, on sites whose navigation is fluid, fast and secure. It was in 2015 that the giant announced that the HTTPS protocol officially promotes the ranking of pages on a site.

the fraud and hacking scandals have made Internet users more informed and know how to recognize the basics of a secure site thanks in particular to the “padlock at the top of the url!” security buckets. Also note that Chrome users see the HTTP blocked site outright, indicating that it is an unsecured site! We therefore dare not imagine the bounce rate of these sites.

How to migrate to a secure HTTPS site?

Obtain your SSL certificate

OXABOX offers an option to easily switch your site to HTTPS from a client interface. You can choose between several types of SSL certificates:

  • DV SSL Certificate: Single Domain: Valid for only one domain URL.
    OV SSL certificate: This type of certificate is issued within 1 to 3 days. It offers an advanced level of security. Requires more paperwork and business verification is done.
    EV SSL Certificate: Only one domain or subdomain and corporate verification required. It is issued within 2 to 7 days and allows you to have a green address bar, which is a good indicator of confidence for Internet users.
    Multi-Domain SSL Certificate also known as SAN certificate: Secure multiple domain names and multiple host names within a domain name. You can define a primary domain and then add up to 99 additional Alternate Domain Names (SANs) in a single certificate. This is ideal for businesses with multiple subdomains and URLs for different departments, product lines or geographic locations.
    Wildcard SSL Certificate:This type of certificate is used to secure any subdomains that you may have for a single domain.

Install your SSL certificate

The installation of the SSL certificate depends on the tool you are using. You will find complete documentation that allows you to install SSL certificates on Microsoft server, Apache, Plesk, MS Exchange on the blog of your Oxabox web host.

I have unsecured pages, how do I fix this?

Checking the https protocol

Check that your browser tells you that the connection is secure in “https” with the correct correct parameters (green padlock with “Secure” in chrome) and that the certificate is valid by clicking on the padlock.

If not, you need to set up or update your SSL certificate.

  • Check that URLs starting with “http” instead of “https” redirect to the corresponding “https” url. This should be a 301 redirect, not a 302 redirect.
  • If the “http” URLs open the page, without 404 or redirection, it means that the pages of your site are duplicated -> In this case, it is absolutely necessary to implement the 301 redirects as soon as possible.

In order to fluidify your internal mesh and ensure that the robot crawls efficiently with the fewest redirects possible, you must modify the internal links in order to remove the links pointing to the URLs in HTTP and modify them by those in HTTPS.

You should see a gradual improvement in your traffic after migrating from HTTP to HTTPS. However, switching from HTTP to HTTPS can be a delicate process that requires following the instructions of the various tools so as not to make mistakes that could penalize your site.

 

OXABOX provides you with the best SSL solution and supports you throughout the installation process. Do not hesitate to contact us.