Which sites need an SSL connection?
All conscientious websites that handle any kind of user information should use SSL technology to protect their customers.
In this modern age, more transactions are carried out through the internet than ever before. When financial details are submitted online, SSL certificates are a must. That said, SSL is critical for any website that asks users for any personal data such as contact information for a mailing list, or username, or password for login. Your website’s reputation depends on keeping these details protected.
SSL isn’t only a priority for e-commerce site owners. These days, internet users are savvy enough to look for the lock when visiting a website. HTTPs at the beginning of a website addresses indicates that a site is secure and safe to use. Applying SSL is a simple way to win user trust and quell any privacy concerns when data is offered online.
Why use SSL with your website?
The main purpose of SSL is to provide secure online banking transactions, logins and data transfers that are useful for all manner of websites. It's commonly used for these purposes but has others as well. The most common use is for websites where secure data is transmitted like card payment details or secure login details. It also:
Keeps data secure between servers, safe from the hands of hackers.
Google and other search engines are taking serious measures to highlight unsafe (HTTP) website to their site visitors.
Builds and enhances customer trust and potentially improve conversion rates.
The Google factor
Installing SSL to your server for Google’s benefit is as a good reason as any. The search engine is hot on website security and uses whether your site is deemed secure (if it’s SSL certified is part of that) as a ranking signal. It takes the security of its users very seriously. In the eyes of Google, it doesn’t matter if you accept payments on your website or not. It wants everything on the web to be secure and avidly encourages site owners to adopt HTTPS.
As of October 2017, Google’s Chrome browser reflects the search giant’s dedication to user security. The landing page result of any site not holding an SSL certificate will be displayed to all their visitors as ‘Not Secure.’ Google’s action has made it clear: it’s time for unencrypted sites to upgrade.
On their path to stamp out the use of non-secure (HTTP) sites, future releases of Chrome will further impede non-HTTPS sites. While it may seem like adding an SSL certificate to your domain is an inconvenience, it’s ultimately a move that’s going to future-proof your website, and protect the privacy of your users.
Protect user logins
One of the most valuable aspects of adding an SSL certificate to your website is to protect any of your password protected pages - including your content management system such as WordPress, or other database-driven sites that require a login page for the admin to gain access.
Although it’s not apparent to most people browsing the internet, the web is filled with ill-intended bots that seek out poorly-protected login forms to crack into entire websites or gain access to membership accounts. You don’t want to log on to your site’s administration panel only to find your pages have been defaced or completely deleted and your member’s accounts have been infiltrated.
Membership sites with multiple logins are a juicy target for hackers to attack as they create more opportunities to do so. - Keep in mind that anything that needs to be secure online needs to operate under the safety net of an SSL certificate.
Secure web forms
Not all websites use online transaction to collect money for products and services. There are plenty of websites that collect information. Anything with an online form such as a questionnaire reviewing a product, leads for potential home renters or buyers, or a Contact Us form, for example could use extra security.
Any website collecting even the most basic information such as name, address, phone number and email address should apply SSL protocol. Chances are, clients would not want this information leaked.