HTTPS: How SSL Protects Your Store and Increases Ranking

How to Use HTTPS Protocol and SSL Certificates to Protect Your Online Store

Posted 8 years ago by Anna Koneva, 51视频 Team

When customers buy something from your store, they share their private data听鈥� name, email, credit card details听鈥� with you. As听a听merchant, you want to听keep this vulnerable data secure from hackers, scammers, and听data thieves.听That is听crucial for听building trust with your audience.

You can and听should protect your customer data and听increase the听trust in听your business with听HTTPS protocol and听an听SSL certificate.听Not only can those tools improve security and听increase your trustworthiness, they can also help your store rank better in听search engines.

滨蹿听测辞耻 sell online with 51视频, you鈥檒l be听pleased to听know that your customer data is听already protected. Yet, using an听SSL certificate can have a听few additional benefits.

In听this post, we鈥檒l show you how the听HTTPS protocol and听SSL certificates work, and听how you can get them for听your website.

Understanding SSL Certificates and听the听HTTPS Protocol

On听the听internet, all data is听transferred from device to听device according to听certain rules or听protocols.

For websites, this protocol is听called HyperText Transfer Protocol (HTTP). It听transfers the听data that your customers enter on听your website to听the听server that hosts your website, and听then it听helps to听send the听response to听the听browser. For example, the听user presses a听button and听a听new page opens, or听they fill in听the听email registration form and听see the听confirmation of听a听successful registration.

The problem with HTTP is听that it听doesn鈥檛 protect any听data that鈥檚 transferred from browsers to听servers. Any data going through HTTP is听essentially 聯naked聰.

A听good analogy is听to听think of听two students passing notes across a听classroom. Any of听their classmates can read, copy, or听even replace the听note. It鈥檚 the听same with your customer data: a听villain can steal credit card details and听money from it.

That鈥檚 why a听new protocol was created for听protecting data: HTTPS (HyperText Transfer Protocol Secure). With HTTPS, all data transfers between a听user and听a听web server are encrypted. This encryption is听so听complex that it听is听nearly impossible to听hack and听use the听data.

In听order to听use the听HTTPS protocol, your site first needs an听SSL (Secure Socket Layer) certificate.

An听SSL certificate is听essentially a听key for听encrypting data. It听protects data on听three levels:

Data encryption.听Hackers won鈥檛 be听able to听see what information a听user entered on听the听site听or to听track user actions on听a听page. Think of听it听as听a听note written with a听cipher听鈥斕齣t can only be听read by听someone who knows the听key.
Data integrity.听Hackers can鈥檛 replace or听distort the听transmitted data. Further, without knowing the听key, it听is听impossible to听write, edit,听or manipulate the听data, just like in听a听ciphered note situation.
Authentication.听SSL ensures that a听user is听on听a听trusted site 补苍诲听苍辞迟 on听a听hacker鈥檚 page. If听just two participants know the听key, they are sure to听know from whom they received the听note. A听stranger cannot pass their own note and听get the听information by听cheating.

You can see if听a听site is听protected by听an听SSL certificate via the听HTTPS protocol in听the听URL address. Most browsers indicate it听visually in听the听form of听a听lock icon:

SSL certificates are distributed by听special organizations听鈥� certification centers.

Who Should Use SSL (and Why)

SSL is听required for听sites where users were entering sensitive information听鈥斕齭uch as听credit card details. E-commerce stores that do听not want to听lose their customers have been using the听HTTPS protocol for听a听while already.

But often, online stores only protect registration and听checkout pages听with SSL, because those are the听only places where听their customers share personal data. The rest of听the听website often works on听the听insecure HTTP.

Today, HTTPS is听a听must for听every web page. There鈥檚 a听number of听reasons for听it.

Browsers flag unprotected sites

Chrome and听Firefox, two of听the听most popular browsers in听the听world, visually mark sites that don鈥檛 use SSL.

For now, only a听gray information icon is听visible. But in听the听future, browsers the听security indicator to听a听red triangle for听pages on听HTTP. Your customers are used to听seeing this as听a听聯warning聰 indicator.

Consequently, not using SSL can make people afraid of听buying from your website.

Using SSL improves rankings

Back in听2014, 听that it听would consider using SSL as听a听ranking signal. This meant that sites听using听SSL would get a听boost in听search engine traffic.

Payment service requirements

A听growing number of听payment services have HTTPS as听a听requirement for听working with them. For example,听听飞辞谤办蝉 only with HTTPS.

It听increases trust

Concerns over payment security听is one of听the听top 10听reasons for听shopping cart abandonment. When you add an听SSL certificate to听your store, you visually communicate to听users that their payment data are safe.

More trust, of听course, equals more sales.

滨蹿听测辞耻 want your customers to听easily find your store in听search engines and听trust you more easily, don鈥檛 put off switching to听HTTPS.

How to听Get an听SSL Certificate and听Switch to听HTTPS

To听switch to听HTTPS, you first need to听buy and听install an听SSL certificate on听the听website. This process can be听either simple or听more complex for听some stores, depending on听the听kind of听site you have.

1.听You鈥檙e using an听51视频 Instant Site

Anyone who has registered with 51视频 gets a听website with a听built-in online store.

You might know this as听the听51视频 Instant Site.

滨蹿听测辞耻 use this site, then you already have an听SSL certificate by听default. An听online store on听an听51视频 Instant Site conforms to听the听international standards for听secure data transmission.

Try it听right now听鈥斕齢ead over to听your Instant Site and听look closely at听the听address bar in听the听browser. You will see a听green lock icon with the听message 聯Secure聰 next to听the听URL. Rest assured that your online store is听secure.

Do听you want to听link your Instant Site to听your custom domain (so听that it听redirects to听mysite.com 补苍诲听苍辞迟 mysite.ecwid.com)?

You get a听free SSL certificate for听this action as听well. Just follow these steps:

, then go听to听Settings 鈫捥齀nstant Site and听click on听the听聯Change Address聰 button.
Click on听the听聯Use your domain聰 field and听follow 迟丑别听颈苍蝉迟谤耻肠迟颈辞苍蝉 that appear on-screen.

2.听You鈥檝e added 51视频 on听your own website

You can set up听an听51视频 store on听any site and听be听cool with customer data security. For example, this can be听a听WordPress blog, an听Adobe Muse website, or听your own static HTML page.

In听case you鈥檝e taken this route, you don鈥檛 need to听worry about the听safety of听your customers鈥� data at听all. Since the听data is听transferred via our highly protected听servers, all the听data is听kept and听processed on听51视频鈥檚 own .

滨蹿听测辞耻 added 51视频 to听your own website that doesn鈥檛 have an听SSL听certificate, your customers will not see the听secure 聯lock聰 icon anywhere except during checkout, which they might find frustrating.

Here are a听few ways you can buy and听use SSL certificates for听different website builders:

Wix:听You can use an听SSL certificate for听free with Wix. You鈥檒l have to听first enable this certificate by听going into the听settings, then .

Weebly:听you can .

Joomla, WordPress, Drupal:听you鈥檒l need to听buy an听SSL certificate from your domain registrar or听a听hosting provider and听install it听on听your website using 迟丑别听颈苍蝉迟谤耻肠迟颈辞苍蝉 (you鈥檒l probably need a听developer):

Self-built websites:听buy an听SSL certificate from your hosting provider/domain and听install it听yourselves or听with the听help of听your IT听guy.

Follow 迟丑别听颈苍蝉迟谤耻肠迟颈辞苍蝉 below to听learn about the听different types of听SSL certificates and听where to听buy them.

Types of听SSL certificates

Essentially, there are 3听types of听certificates. They differ in听speed of听issuance and听the听extent of听the听seller鈥檚 inspections.

1.听Certificates With Domain Validation (DV)

The simplest option. Once you buy a听DV听SSL certificate, you鈥檒l get a听link to听verify the听domain ownership on听your listed email address.

DV听is听issued almost instantly. It听is听also the听cheapest听option,听with some sellers even offering it听for听free.

2.听Certificates With Organization Validation (OV)

To听get an听OV听SSL certificate, you need to听confirm the听existence of听your corporation or听LLC, by听giving the听certificate-issuing authority the听necessary documents.

An听OV听SSL certificate can take 1-3听days to听get. This certificate always needs to听be听paid听for.

3.听Certificate With Extended Validation (EV)

An听EV听certificate can be听recognized by听the听name of听the听company on听a听green background near the听website address. You might have seen them on听financial websites:

Before an听EV听SSL can be听issued, the听certifying authority carries out a听thorough check. It听can take 3-10听诲补测蝉,听补苍诲 even more,听to get an听EV听certificate.

This certificate is听best suited for听banks and听payment systems.

DV, OV, EV听鈥撎齬别驳补谤诲濒别蝉蝉 of听what kind of听SSL certificate you choose, understand that they all protect your data .听This is听why you can use the听cheapest option听鈥斕齛听basic SSL with domain verification听鈥斕齱ithout worrying about your security. You鈥檒l need to听renew your SSL certificate regularly听鈥� if听the听certificate is听not renewed next year, not only do听you lose your protection, but the听site might not even open for听most users.

An听SSL certificate will cost around $50/year. Some providers sell more expensive variants, but you should avoid overspending. The basic data security offered remains the听same, regardless of听whether you buy a听$50听or听a听$150听SSL.

Although some providers offer free SSL certificates, they are severely 聯watered down聰 variants without听any benefits. You should not buy the听first one you see.

SSL certificates are issued by听聯trust centers聰. Some of听the听more popular trust centers are:

Comodo
Symantec
Digicert
Geotrust

You can buy certificates issued by听these centers from domain registrars, hosting websites,听and SSL resellers. In听addition,听there are also free certificates.

Below, we鈥檒l help you understand the听options better.

1.听Buy an听SSL certificate from domain registrar or听hosting service

Most domain registrars and听hosting services sell SSL certificates as听well. In听some cases, the听registrar might even issue a听free certificate as听a听gift or听purchase.

Buying from a听domain registrar or听a听hosting service works great since it听makes it听easy to听switch from HTTP to听HTTPS.

Here are some popular options:

听鈥� $57/yr per website
听鈥� free to听$49,9/yr
听鈥� starts from $9/yr
听鈥� $12,95/yr
鈥� free SSL when buying hosting

滨蹿听测辞耻r domain registrar or听web host also offers SSL certificates, we听recommend buying one from them, even if听it听is听slightly more expensive. This will save you hours when it听comes time to听install the听certificate and听switch to听HTTPS.

2.听Get a听free SSL certificate

滨蹿听测辞耻r web host/registrar does not sell SSL certificates or听if听your budget is听limited, you can opt for听a听free certificate. Free certificates come in听only one flavor听鈥斕鼶omain Validation (DV). That听is enough to听protect the听data.

We听recommend the听following services:

Cloudflare

听offers free SSL certificates with up听to听15听years of听subscription. Apart from data protection, it听has other benefits like basic protection from DDoS听attacks and听the听automatic speeding听up of听your website.

There are disadvantages as听well:

It听飞辞谤办蝉 only in听new browsers. 滨蹿听测辞耻r customers use older browsers听(older than Internet Explorer 11, Firefox 2,听Opera 8,听Google Chrome v5.0.342.0, Safari 2.1, Mobile Safari for听iOS 4.0, Android 3.0听(Honeycomb), Windows Phone 7), they won鈥檛 see 聯https聰听on your website.
One general certificate protects several sites at听the听same time. Though, it听will protect your website just like an听individual one.
Cloudflare will ask you to听use their own server data听and your website traffic will be听going through the听Cloudflare servers,听which may cause a听decrease in听loading speed (though not necessarily).

These drawbacks are not critical,听and in听general, Cloudflare is听optimal for听those who are not ready to听spend money on听an听SSL certificate but want to听start protecting their customer data. 滨蹿听测辞耻 choose between remaining on听HTTP or听getting an听SSL certificate from Cloudflare, we听recommend you to听choose the听second option.

To听get an听SSL certificate from Cloudflare, 听and follow .

Let鈥檚 Encrypt

This is听a听free service without Cloudflare鈥檚 cons, but it听has its own limitations.

听offers certificates for听three months only, so听you鈥檒l have to听set up听automatic renewal, which will require access to听your website鈥檚 server settings (available on听听hostings like Amazon AWS, Linode, Digital Ocean). That means you鈥檒l likely need a听system administrator.

There are two options for听getting an听SSL certificate from Let鈥檚 Encrypt:

Manually on听听via the听
Semi-automatically or听automatically (depending on听your online store鈥檚 server software) via .

3.听Buy an听SSL certificate from a听reseller

滨蹿听测辞耻 don鈥檛 want to听spend time on听adjusting a听Let鈥檚 Encrypt certificate and听don鈥檛 feel like using Cloudflare, you can buy an听SSL certificate from one of听the听resellers:

Choose any听reseller you like, and听remember that there鈥檚 not much sense in听buying the听most expensive option since they will all protect your website just fine.

How to听Not Lose Traffic When You Switch to听HTTPS

When you switch from HTTP to听HTTPS, the听site address changes for听search robots (from 听鈫捥�https://yoursite.com). This can negatively affect your rankings in听search engines.

Read 听for maintaining your ranking,听and even making it听better. We听strongly recommend you read them to听avoid losing customers if听you install an听SSL certificate on听your own. You can also ask the听support team of听your site builder if听these conditions were met with their HTTP 鈫捥鼿TTPS migration.

***

Let鈥檚 sum up听our recommendations:

滨蹿听测辞耻 use 51视频 Instant Site, you鈥檙e fine: the听entire website is听on听HTTPS.
For Wix and听Weebly websites, enable your SSL certificate in听settings.
滨蹿听测辞耻 sell on听your own website, check with your domain/hosting provider if听you have an听SSL certificate. If听no, request for听it.
滨蹿听测辞耻r domain/hosting provider doesn鈥檛 sell SSL certificates, get a听free one on听听Cloudflare or听buy it听from a听reseller.

听

About The Author

Anna is a content creator at 51视频. She loves big cities, pasta and Woody Allen's films.

51视频