Do You Need SSL? to https or to not?

SSL, To HTTPS or to HTTP, that is the question.

In todays world of phishing scams and internet thievery, it isn’t hard for someone in the cubicle right next to you to grab information as you are surfing a website that isn’t secure.

SSL Short Course

If you are reading this post on a browser like Apple’s Safari, which is what I use, you should see a little lock symbol at the top. It should look something like this:

do you need ssl like our website

This lets you know that the connection between your computer and the website is encrypted, not public. While our cybersecurity expert Dr. Josh is way over the top with security because his focus is medical records and patient protection, Google is starting to do something similar.

What not to do!

The worst position to be in is where the website appears un-secure like this:

no SSL here.  Oops

The “not secure” means that anyone nearby can easily see any information you look at or share with that website. I covered most of the name and hope they have this fixed soon. They are not a client, but they are a group we like.

The Hybrid Case

Finally you could be in a wierd no-mans land where you have an SSL but there is something causing your website to open the connection. That looks like our site

SSL with some links that are not secure

Notice there is no lock and it doesn’t say “not secure”. In this case Google is giving us credit for being secure so we get the website ranked, however it is a warning that not all of the “content” is secure. This means there is an ad or a link somewhere in the thousands of posts that connects to a dead, fake or non-secure website.

While Google is not yet penalizing it is giving us a gentle nudge to fix it sooner than later.

The Bottom Line

Google rankings are now be effected by the simple fact that you do or don’t have an SSL or Secure Socket Layer certificate attached to your website. With WordPress this is a very easy fix. The first step is to buy an SSL certificate from your website hosting company. GoDaddy,, BlueHost and just about every other company offer SSL certificates. Some charge more than others though.

Recently we were doing a checkup on a client that manages their own website and we saw a steep drop in the number of new visitors. The culprit was the SSL certificate had dropped off the site. That fix took less than an hour and saved them from being left out of hundreds of search results each week.

So to https or to http, is not really a question, is it?