Securing your website with SSL

From January 2017 (Chrome browser v56) you might have noticed that when you're on a website using the Chrome browser it shows the words "NOT SECURE" before many websites.  This is because Google will only give a secure designation to website that are https://  Here's what this looks like in your browser:

To achieve a SECURE rating you need to install an SSL (secure socket layer in case you're interested) certificate onto your website and then change all your site paths, including any plugin and scripts, to https:// then test thoroughly.

As of writing Firefox has always shown the padlock with a line through it so indicate you are looking at a http:// site rather than a https:// site, but it's not obvious.  Internet Explorer does not show any indication unless the site is https:// then you get the padlock symbol.

When I talk to clients about https and SSL they glaze over very fast indeed, and I understand that.  Up until mid 2016 unless you were taking sensitive data on your website such as customer details and credit card details, there was really little motivation to add SSL and incur the costs of doing that.

Just to be clear what we are securing here it's not your website as such, it's the connection between your site users (their browser) and your website.  SSL will not prevent hacking of your site, you still need to take all the precautions you would normally to stop this.

For the record there are different types of SSL certificate but most sites will be fine with the free version.

FORS AND AGAINST: