HTTPS and SSL Explained

f you skim through the SearchWatch 2023 stats report, you’ll read that SSL was set up by default on 46 million websites in 2021.

If you look at the usage statistics for 2024, 86.6% of sites are using HTTPS.

Wow – isn’t there just something huge about HTTPS and SSL? Of course, if there wasn’t, there would be no justification to those numbers.

Now, since you are here because you don’t know what exactly ‘HTTPS and SSL’ are, let’s introduce the terms.

A Short Introduction

 “HTTPS” and “SSL” are technologies that tell the outside world that your website offers a secure connection.

This is meaningful for the security of your website, of course, but it also helps with your credibility among site visitors.

Think about it: would you hand over your credit card or phone number to a website that uses simple HTTP, which makes your data visible to an attacker?

You can see how this could influence a visitor’s decision on whether to make a purchase through your site, or sign up to your newsletter with their information.

Very well – now we are ready to look into each technology in a little more detail!

What Is HTTPS?

When you see the lock in your address bar and it says “https://” instead of the good ol’ “http://”, it means that your computer’s connection to the website is protected.

In fact, the ‘S’ in HTTPS stands for ‘Security’: this technology adds a layer between your computer and the website’s server so that no data that is being sent between the two can be seen and stolen (e.g. your passwords).

It helps to know that the principles behind HTTPS are those of the CIA triad, an acronym that stands for Confidentiality, Integrity and Availability, which are three fundamental components to data security:

  • Confidentiality means that your data stays your own
  • Integrity means that only you can alter it
  • Availability means that your data should always remain available to you at any given time.

What Is SSL?

An SSL certificate functions as a digital public certificate, authenticating your website’s identity.

What does this mean? The owner of a website who wants it certified will give an entity called Certification Authority (CA) a series of information and a public key in exchange of a certificate (.crt file) to protect all messages sent to and received by the website’s server.

Thanks to chukwugboc for this explanation!

While the public key is used to encrypt messages, another key – called private key – gets installed only on the site’s server and it’s used to decrypt messages. The restriction to the site server means that it’s the only one who can read them.

On the user’s side, what happens is that your site visitors go to your site and they see that you have a valid SSL certificate, they will know they are at the right place and that no-one is trying to impersonate your site.

If you’re a marketgoo user, you know we check whether your site has an SSL certificate because it plays a part in your online visibility and site traffic – and is especially important if you sell any product or service through your website.

Why Are HTTPS and SSL so Important for SEO?

First off, because Google told us in 2014 that secure connections contribute positively to the user experience offered by a site.

Secondly, because no one in 2024 would click on a search result if the website doesn’t show any – even minimal – guarantee of security!

So basically, put this on your to-do list, as it’s a no brainer.

Now let’s see how you can install an SSL certificate on your website and thus enable HTTPS on all your website pages.

How to Install SSL on WordPress

If you use WordPress.com, there’s nothing you need to do: WordPress.com will add Let’s Encrypt SSL to your website automatically when you register your domain in your administration panel.

Conversely, if your WordPress installation is self-hosted, you have two options:

  • Check with your hosting provider if they add SSL automatically to all websites
  • Install the SSL certificate yourself

Whatever option you pick, you don’t have to necessarily pay for the certificate.

Did you know about the free SSL certificate Let’s Encrypt?

You can check with your hosting provider if they have it available for you in their system (for example, GreenGeeks and WebHost.Pro offer this feature).

Alternatively you can install WP Encryption plugin to automatically install and renew your certificate. As the plugin website states:

“WP Encryption plugin registers your site, verifies your domain, generates SSL certificate for your site in simple mouse clicks without the need of any technical knowledge.”

If you need more features, you can buy the Premium version of this plugin.

How to Install SSL Manually in cPanel

Okay, let’s get techy now, although the whole process is actually as easy as copy/pasting text.

Step 1. Generate a CSR code

You do this in your cPanel, in the Security section, under SSL/TLS.

Follow these steps:

  • Under SSL/TLS, click on “Generate, view, or delete SSL certificate signing requests” below Certificate Signing Requests (CSR)
  • Fill out the certificate details form that appears on the page (“Generate a New Certificate Signing Request (CSR)”)
  • Click “Generate”.

Below is a screenshot showing the form that appears on the CSR page:

All done! Now proceed on with step 2.

Step 2. Choose an SSL provider

That can be a popular one like Comodo SSL or the free Let’s Encrypt*.

Purchase your certificate and download the compressed pack that’s generally sent to you by email (e.g. CAbundle.zip) and unpack it on your computer.

Step 3. Installation

Next, follow the steps below:

  • In your cPanel account, go to Security -> SSL/TLS
  • Click “Manage SSL sites” under INSTALL AND MANAGE SSL FOR YOUR SITE (HTTPS)
  • Fill out the “Install an SSL Website” form details: select your domain from the menu, open the uncompressed folder your SSL provider gave you, open your certificate (.CRT file) in a text editor (e.g. Notepad) and copy the long string of characters between –BEGIN CERTIFICATE— and –END CERTIFICATE—. Paste this string into the “Certificate: (CRT)” text area
  • Now, click the “Autofill by Certificate” button the appears on the right side of the page
  • Click the “Install Certificate” button at the bottom.

And you’re done!

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

What is a Google Business Profile?

What is a Google Business Profile?   Why do I need a Google Business Profile? We’re always...
Academy: Meta Tags and SEO

What are Meta Tags Used for in SEO? Meta tags are pieces of information that search engines...
What is the robots.txt file?

What is the robots.txt file? The name robots.txt sounds a little out there, especially when...
Getting your H1 Title Tags to Help Your SEO

Getting your H1 Title Tags to Help Your SEO H1 Heading Tags for SEO When you read a book or a...
Web Marketing: Contact Forms

Web Marketing: Contact Forms What is a Contact Form? If you have ever wanted to get in touch...