Built for all platforms
SSL is an acronym for Secure Sockets Layer. It is the standard security technology for establishing an encrypted link when connecting the visited site’s web server to the audience’s browser.
SSL certificates are a good practice when it comes to website security, especially for websites collecting any form of data—whether that’s credit card data, login credentials, names, addresses, or any other form of Personally Identifiable Information (PII).
Make no mistake, having an SSL Certificate does not mean that your actual website is safe. There is a big difference between website security and SSL certificates.
There can be several benefits of installing SSL certificates. Many cloud providers, such as Content Delivery Networks (CDNs) and Web Application Firewalls (WAFs) solutions like Sucuri, are able to offer it at no additional charge.
Some hosts offer free SSL, including one-click SSL options and experienced webmasters can also generate their own free SSL certificate (i.e. Certbot / Let’s Encrypt).
Going through an established provider can be a very effective way at consolidating solutions to ensure that you have someone who can solve many initiatives at once (website security, performance, data encryption).
As mentioned earlier,you can get a free SSL through a provider or by installing it yourself.
In order to install an SSL certificate on a website, you would need to either purchase one from a certificate authority, such as GoDaddy, or use a free certificate from Let’s Encrypt.
Some hosting companies provide SSL certificates to their customers, by default. We would recommend contacting your host to ensure you’re not taking any unnecessary steps.
Your host, or managed website provider, can also support you with the installation and ongoing management of your certificate.
If you are using the Sucuri Website Firewall (WAF), even if you do not have an SSL certificate on the origin server for your website, SSL will be enabled on your firewall servers by default. This ensures the data is encrypted between visitors and the page they view via the firewall server. However, we still recommend having an SSL certificate on the origin server.
If you choose to go with a free SSL certificate on your own, the Sucuri team has created a step-by-step tutorial on how to implement a free Let’s Encrypt certificate and deal with post-SSL factors like mixed content warnings.
If you have difficulty with the guide, please contact your host or chat with Sucuri to learn how we can help you activate SSL/HTTPS via the Sucuri WAF.
SSL certificates will help satisfy requirements outlined by the Payment Card Industry Data Security Standards (PCI-DSS).
An SSL certificate can offer key length of 2048 bit signatures with a 256 bit encryption
SSL certificates are trusted by all major browsers & devices. Visitors will recognize that their personal data, such as credit cards or emails, are properly encrypted.
Google will penalize your site for not being HTTPS. Website authorities have been penalizing non-HTTPS websites since 2017.
Website Security need to know
Join our email series as we offer actionable steps and basic techniques for WordPress site owners.
Based on our data, the three most commonly infected CMS platforms were WordPress, Joomla and Magento.