EP 002: Why your website needs to be secured with HTTPS (SSL) & what to do about it!

SSL Certificate

When Google talks – we listen!

We have to. No one wants the wrath of Google falling on their website.

Last year, Google started to officially warn website owners with sites that didn’t display the green padlock, non HTTPS, that they would be declared as ‘non-secure’.

What does this mean exactly?

Well, it means that when viewed in the new Chrome 68 browser it will look like this:

SSL Certificate

And show a warning saying “Your connection to this site is nott secure. You should not enter any sensitive information on this site (for example, passwords or credit cards) because it could be stolen by attackers.”

So what’s the big deal?

Let’s face it HTTP is really old as far as tech goes. It’s worked fine for a long time but it’s just not secure. That means when you visit a website that is over HTTP that connection is not secure and nasty people can grab the data that is passed back and forth. Simply put, they could steal your credit card details, name, email address or any personal information you enter into that website.

On the other hand, HTTPS is secure. Any data sent over a secure connection is encrypted so can’t be stolen, well technically it can still be stolen but it’s worthless to the people stealing it as it’s gobbledy gook with the encryption key.

Google has stated that HTTPS adopters will gain a rankings boost and that has prompted a big shift towards HTTPS. In fact according to Google:

  • Over 68% of Chrome traffic on both Android and Windows is now protected
  • Over 78% of Chrome traffic on both Chrome OS and Mac is now protected
  • 81 of the top 100 sites on the web use HTTPS by default

Google, being Google, won’t come out and say that being non-secure will affect your rankings. They hold their beloved search algorithm close to their heart (if Google has a heart!) but in truth, a visitor to a site that displays a big red ‘not-secure’ warning is likely to be put off and the site’s traffic and rankings will drop as a result.

SSL Certificates

And whilst you might not be a Google Chrome user it is still the most used web browser on the planet, so there’s a fair chance alarge percentage of your customers are using Chrome.

Incidentally, anyone that accepts payments on their site should already be using HTTPS as most payment providers, such as Stripe, Paypal Pro, Authorize.net, etc, now require your site to be protected.

So how do you secure your site?

In order to get that padlock ‘secure’ notice, your site needs an SSL certificate. The SSL stands for Secure Sockets Layer, if you’re interested.

What is that exactly?

It’s a security certificate that once installed on the hosting web server fires up a secure connection between the web server serving the content and the browser of the viewer viewing the site. The URL of the website will show as https:// rather than http://

For web users this is a good thing. Anything that cuts down on cybercrime and data breaches should be embraced wholeheartedly. If you’ve gone through the issues of having your data stolen you’ll know this firsthand.

There are five types of SSL certificates that you can use for your website. Some are free. Some are paid. As you would expect the paid ones come with a few more features than the free ones.

Here’s a quick rundown of the different types:

Free SSL Certificates: There are vendors such as Let’s EncryptFree SSL and SSL For Free that all provide free SSL certificates along with many web hosts. These certificates work well but have preconditions such as having to manually renew the certificate every 6 months. Our preferred hosting company Siteground offers free SSL certificates.

Single Domain SSL Certificate: Much like it says these certificates work on one domain. So for example, if the certificate is issued for yourdomain.com it will only secure the pages under that one domain. These certificates are fairly easyt o obtain, requiring little or no paperwork as well as being fairoly low cost.

Multi-Domain SSL Certificate: This type allows you to secure a few different domains with one certificate. So for example, website1.com, website2.com and website3.com could all be secured with the same certificate.

Wildcard SSL Certificate: This is similar to the single domain certificate but it will also secure any sub-domains. So for example, you can secure yourdomain.com as well as support.yourdomain.com or anything.yourdomain.com. Perfect if you have multuple sub-domains. It gives you just the one expiry date to remember. It’s worth noting that many hosts offer a Let’s Encrypt free Wildcard SSL certificate as well now.

Organizational SSL Certificate: This type offfers some enhanced features but you have to be vetted and verified before being issued with the certificate. It can take up to 3 working days for the process.

Extended SSL Certificate:  These certificates offer the highest level of security and usually take 3-4 days to be issued. They involve a thorough background check on the company applying. These certificates are used widely by banks and many online retailers.

The type of SSL certificate that you need depends a lot on the type of website that you have but the free certificates are a good place to start for most small businesses.

Okay great I have an SSL certificate, now what do I do with it?

Once you have decided on and obtained your SSL certificate you need to migrate your website from HTTP to HTTPS. Depending on the size and complexity of your website this can either be a relatively painless task or  major undertaking.

Once you have purchased and installed your SSL certificate on your hosting you can migrate your WordPress website with the use of the Really Simple SSL plugin. This plugin takes care of everything, including any mixed content errors for non-secure content.


  • Checks the SSL certificate to make sure it is valid
  • Sets WordPress to use HTTPS in the URLS
  • Sets up redirects from HTTP to HTTPS
  • Looks for URLS in your content still loading from non-secure HTTP sources and attempts to fix them. (Occasionally you may have a problem with this in which case there are other plugins you can use to rectify this problem)

Needless to say if you feel you can’t tackle this migration yourself, get the help of a WordPress professional.

In summary

This all may seem like a bit of an inconvenience and it may cost you some money to comply but the requirements put in force by Google are important and for the good of the internet and your business.

The SSL certificate:

  • Establishes trust in your business and builds your brand online
  • Provides encryption of your sensitive data to avoid people stealing it
  • Provides authentication for your site and business.

So if you haven’t made the switch to HTTPS yet, then you should get cracking.

Otherwise you can expect the wrath of Google to fall upon you and you’ll no doubt see a drop in your search rankings, less traffic and lost sales as a result.

It’s always best to keep on the good side of Google!

Links & Resources from this episode

Maple Moon Web Design Inc
The Weekend Website


Join the FaceBook Group

Please share this post


EP 001: Who The Heck Are You?

An introduction to Lorraine McNulty, the host of Just A Digital Moment!

So who am I and why am I podcasting about digital things? And more importantly why should you listen to me?

Well I’ve been around  while online – in fact this year is my 26th year in business. Yup, I’m old! And, my business is nearly as old as the internet! Yes kids, there was a time before internet!

But let’s start before that…

I studied Analytical Chemistry at Portsmouth Poly in the UK and armed with my science degree, started my career for a large analytical instrumentation company doing technical support and sales. I’ve also workedin R&D for a pharmaceutical company and a water treatment company and as a recruitment consultant for scientists. Not your average background for a web designer!

I then started my own company as a Virtal Assistant offering business support services to small businesses. I got a job transcribing a set of talks at a pharmaceutical conference and they also wanted them to be available olnline. “I can do that”, I said with absolutely no clue how to do it and no Google to find out!

But after a quick trip to the library and several coding books later I had created my first website.

That was 1992 – fast forward a decade and my husband and I decided to ‘up-sticks’ and move our family, my business and a 1 year old Newfoundland puppy to Canada.

We arrived straight of the boat, well airplane actually, and my business carried on, with a few of my clients not even realising I had moved continents. After some phone calls in the early hours I soon had everyone on track with the 5 hour time difference. That’s the beauty of this ‘digital age’ that we live in! We can work from anywhere.

Those of you that know me know I have two sons, who are both avid golfers and got NCAA scholarships, one is now a pro golfer and the other one still at school in the US. But I have been known to fix someone’s website using my smartphone whilst walking around a golf course. Who doesn’t like technology and devices that let you do that?

So to cut a long story short, I’ve been helping small businesses get online for over 25 years and have seen many things come and go in that time. There wasn’t Social Media back then – which may not have been a bad thing but I could dedicate a whole podcast just to that subject.

Years ago your business was thought progressive if it just had a website. Now you need a website and a marketing strategy to make you stand out from the other ‘noise’ online. I think this is where my background as a scientist helps. I love finding solutions to problems and working out marketing funnels, email campaigns, social media campaigns, keyword strategies, sales carts for different businesses and niches all pose their own problems.

I’ve been told by friends and clients that I have a knack for explaining things in ‘non-geek’ talk. I’m not sure about that but have certainly experienced listening to a tech person waffle on in what seems like a foreign language when all he was trying to say was ‘unplug the bloody thing and plug it back in again’! I’ve also had an ex-service provider ask me “Is there anyone more technical I can talk to?” I’m assuming he meant my husband! So, I’ll try to keep everything BS free, as that’s how I like it.

What else can I tell you? Oh, my business has been voted Best Webdesign Company for the last 13 years here locally. And locally is the lovely town of Port Perry on the shores of Lake Scugog in Ontario, Canada.

I play the saxophone (badly). I play hockey (the ice kind) (equally badly) although to be fair most Canadians are born on skates and I didn’t strap on a pair until I moved here and signed up for the hockey league! I love Dragon Boating (Google it if you don;t know what it is!) And I love to relax over a nice meal and a glass (or two) of wine.

What I don’t like is having my photo taken or hearing myself recorded. So in the same spirit that I started playing hockey, I’m starting this podcast.

Nothing ventured – nothing gained. Right?

So I hope you’ll join me on this adventure as I stumble along on audio and video. I’ll try, for the sake if my kids, not to embarrass myself too much – although my hockey skills (or lack of them) are an endless source of amusement for them.

I may not be great at hockey but I show up week after week – so that’s what I am going to do now with this podcast. And we’ll see how it goes.

If I crash and burn at least it will be with a smile on my face (and more than likely a glass of wine in my hand), rather than a face-plant on ice, which definitely happened the first time I played hockey!

So I hope you’ll join me on future episodes and we’ll see if I can answer some of the marketing and website design questions I get asked a lot. I’ll share some of my best tips and favourite tools. Hopefully I’ll grab a guest or two along the way.

Links & Resources from this episode

Maple Moon Web Design Inc

The Weekend Website

Join the FaceBook Group

Please share this post