Ever wondered what the little padlock in your browser next to the website’s domain name is? That’s an indicator that the website is encrypted by an SSL certificate. If you don’t see one (or if the lock is open/red), it may mean that you’re visiting the site over an unsecure connection that anyone else can be “listening in” on.

What is an SSL Certificate?

SSL certificates make your website more secure by:

  1. Certifying, through a certification authority that’s trusted by your browser, that the connection is secure
  2. Encrypting data sent between your website and its visitors

They also help increase trust (and sales!) by displaying the security lock in your browser’s address bar.

When data is transmitted securely on the web, it uses an HTTPS connection. HTTPS stands for Hypertext Transfer Protocol Secure. It’s the secure version of HTTP, the default means through which computers communicate over the Internet.

Why are SSL and HTTPS important?

SSL and HTTPS are crucial to prevent specific types of virtual threats, called man-in-the-middle attacks. These are situations where a hacker would be connected to your wifi network (for example, in a public café) and intercepting unencrypted data being transmitted between your website and your device. In more sophisticated attacks, they could even pretend to be your website while unsuspecting clients submit new credit card orders.

Some of this data, such as passwords and credit card information, is very sensitive and should never be transmitted over unsecure connections. Once the connection is encrypted, even if the hacker were to intercept the data, they would be unable to decipher and understand it.

Having an HTTPS connection is also a known ranking factor for search engines such as Google, as well as a trust factor for people visiting your website. Even folks who don’t know what an SSL certificate is can recognize a broken red padlock as a bad thing, and some browsers now block you from accessing sites through HTTP unless you explicitly accept the risk of accessing an unsecure website.

In other words, if you don’t have an active SSL certificate on your website, you’ll get less traffic and people will spend less time visiting your pages. Since the whole point of a website is to attract and assist visitors, not having an HTTPS connection is a big problem.

How can I get an SSL Certificate?

Premium SSL certificates can often be ordered from your hosting provider or specialized security providers, while basic SSL certificates often come bundled with web hosting plans.

If your hosting account includes basic SSL security, it will likely use automated SSL provisioning technology powered by either Let’s Encrypt or, as is the case for WHC, cPanel’s AutoSSL , to automatically prepare a certificate for you to use.