A brief introduction to website SSL certificates

In this article we look at what are SSL certificates, why does your website needs one and how do you install one.

Encryption has become a bit of a hot topic over the course of the last 12 months and has come up in the news a number of times. In this post we look at adding encryption to your website in order to keep you, your visitors and their data safe from hackers or anyone else looking to steal it.

What is SSL?

SSL, or https as it is often referred to in the website world (they are different but for brevity we will call them the same thing), is a way of making sure that the data that is sent between the computer of a website visitor and the server hosting the website is encrypted. This means that anyone getting hold of the data would not know what it actually was as it is scrambled in a way that only the computer sending the data and the computer receiving the data can understand.

Why do we need SSL (https)?

When navigating the website and using websites we often have to enter data into a website. This can be in the form of a contact form, logging into the website or even making a purchase, in a financial transaction. This is where credit card information of bank details are sent across the internet from one computer to another. If a website doesn’t use SSL then this means that data is sent in a format that can be more easily intercepted and stolen.

SSL certificates to the rescue.

The solution is to make sure that your website has an SSL certificate. This certificate validates your website and server and creates a secure connection between the two. Without it browsers would show an insecure warning to users which should put them off from visiting the site.

Browsers (Google Chrome, Safari and Internet Explorer for example) deal with websites that have and don’t have SSL installed in different ways. In the coming months many of these browsers are going to start displaying warning messages to users, indicating when sites are running being served over https or using SSL.

Chrome already does this on login pages when users are expected to enter a username and password (or passphrase as I wish it would be now called) in order to login. It has indicated in the future this will be seen on all pages not being served over https. This could obviously put users off from visiting the site and therefore now it is a good time to fix the problem and get your site working over SSL.

In the past obtaining an SSL certificate has been a cost to a website owner. However now there are many providers offering SSL certificates for free and many of the popular WordPress hosting providers are now offering these without a charge. Many even come pre-installed when you take out a hosting plan. This means that your site should work over https without doing anything. It is just a matter of making sure that your site is installed own the https version.

All websites we build here at Highrise Digital are done so making sure they are using SSL with a valid certificate and that they are served over https by default. Using visiting the non https version are automatically redirected from to the other. If you would like help getting your WordPress site running over SSL then please use the contact form below to get in touch.

Join our WordPress website management newsletter

About the author

Mark is the lead WordPress developer at Highrise Digital. He has been working with WordPress for over 13 years, way back to 2005. He focuses on back-end development, integrating the website build with WordPress so it can be editable.