01 Oct 2019
Traffic on the internet is transferred as is, normally as plain text and easy to read. There are different techniques on how to transfer the data, but it is all still readable. Normally unencrypted traffic is transferred by HTTP (HyperText Transfer Protocol). This is fine for websites that don’t expect any feedback from the user, no forms, or personal information submitted.
Well… Have you ever wondered what the lock sign on your browser meant? Seen ‘this website is secure’ pop up? Possibly overheard someone talking about SSL or HTTPS? We will let you know the secret, it's all down to an SSL (secure socket layer) certificate.
Essentially this certificate changes the way your data is sent over the internet. You can say goodbye to HTTP and welcome to HTTPS! Now your traffic will be encrypted, and user data can not be read or even altered. This adds trust to your website and allows your users to comfortably enter data and know it will be safe in transit.
There are lots of different ways (ciphers) to encrypt data. At a low level, a browser and server agree to a way to encrypt the data, if the certificate is valid, and exchange keys. Keys are thought of like passwords, but much stronger than a normal password. Once the server and browser are happy, the data passed between them can be encrypted and read using the selected ciphers (ways to encrypt) and exchanged keys. You will need a key that was exchanged to read the data passed between the browser and server, and therefore the traffic is no longer plain text.
In short, if you collect data on your users or have contact forms (or any type of forms) then yes.
A lot of websites use technologies such as CMS (Content Management Systems) and don’t use SSL certificates. This puts your username and password at risk of being read every time you log in to make a change.
If you are unsure or would like some help with a new or existing website, please get in touch, we can advise and provide information if needed. We can help in the process of purchasing and setting the site up to utilise the new certificate.