With the release of Chrome 68 (July 24th 2018) if your website doesn’t have an SSL secure certificate visitors to it are going to get a fairly scary message.

warning in Chrome about insecure site with no SSL

Why?

Google has been pushing for HTTPS everywhere for some time. Over the last year the Chrome browser, which has around 60% of the global browser market share, has been changing its messaging so that sites that do not have SSL are treated as less trusted. The change with Chrome 68 will make that messaging a lot less subtle.

What can you do?

If your site does not have a secure certificate (SSL cert) installed then you’ll need to get one.

How much will it cost?

There are multiple types of SSL certs available that start in price from as little as a couple of Euro per month.

What are your options?

A basic SSL certificate which is “domain validated” will give you the secure padlock:

domain validated secure certificate

If you want the more trustworthy green address bar you’d need to get what’s called an “extended validation” certificate. The difference being that with an EV certificate the entity issuing the secure certificate has done more due diligence on you as a company. While these generally take longer to get, as there’s some offline validation, there is a definite upside, as you’ll get the nice “green bar”:

EV SSL certificate green browser bar

Do I need to buy an SSL cert if I’m using your website builder?

If you already have a site using our website builder you can switch on SSL at no extra cost!

What about free SSL certs?

If you have a cloud server with us running Plesk or cPanel you can avail of free secure certificates from either LetsEncrypt or cPanel. (The cPanel ones obviously are only available on cPanel servers!)

How can I switch my website over to HTTPS?

If you purchase an SSL Cert from Blacknight and are using our Shared Hosting system or Plesk or cPanel we can install the cert for you.

You will need to update your site’s settings to use HTTPS and redirect traffic from HTTP to HTTPS using a .htaccess file (if you’re on Linux). If the site is using WordPress or one of the other commonly used content management systems switching over isn’t that complicated using one of many plugins. Bear in mind that you might need to make changes to 3rd party code ie. for widgets etc., to get rid of mixed content errors.

Do I need to get a fixed IP to use an SSL cert?

For sites hosted on our latest Linux shared hosting packages we use a technology called SNI which allows multiple sites on the same IP address to have SSL, so you don’t need an extra IP address. If your site is hosted on Windows or one of our legacy packages please speak to our sales team about your options.

Does a SSL cert make my website secure?

When you have an SSL certificate installed for your site the traffic between users and your site will be encrypted. That does NOT mean that your site is 100% secure. You’ll still need to make sure that you’re keeping your CMS up to date, using strong passwords and taking other measures to ensure that  your site is secured.

If you have any questions let us know!