Is Your Site’s Traffic Tanking? Google could be to Blame

Andrew Tuzson sitting in front of a wooden door with smoke billowing around him

Riley Cullen – Lead Copywriter

As it so often does, Google made a few changes recently. Unfortunately, even a small change to the way Google conducts business can mean havoc and chaos for businesses who lack a tech savvy team member to make updates. This most recent change could result in some businesses, even those whose websites were built relatively recently, seeing a dramatic downturn in the click rate on their site. Most Lincoln and Omaha web designers have been building sites with SSL certificates for years, but recently has Google upped the ante, making SSL Certificates a requirement to be considered a secure site.

Basically, if you don’t see “https://” in front of your site’s URL when it loads, Google could be notifying potential visitors that your site isn’t secure before they even make it to the homepage. Without that singular “s” at the end of “http,” Google is docking you. This could lead customer diversion because a designation of insecure by the world’s largest search engine means that potential customers aren’t going to want to visit your website. Luckily, Lincoln and Omaha web designers are, for the most part, using SSL Certificates for every build. If you’re unsure, get the skinny on all things SSL below (plus, that chimichurri recipe is ahead).

SSL stands for Secure Sockets Layer. The gist is that SSL Certificates ensure the safety of any plain text a visitor might enter on your site including usernames, passwords, credit card information, and other personal information. They do so by using both public and private keys to create an encrypted connection to the site’s server, ensuring information stays only between the visitor and the subject (aka: the owner of the website, aka: the owner of the SSL certificate, aka: you). SSL certificates are issued by a Certificate Authority (CA).

So it just encrypts information?

Actually, that’s not all. Yes, SSL Certificates provide encryption for sensitive and personal information. However, they serve another purpose. Getting your SSL certificate from a reputable CA is also a way of having them “cosign” on your site, for lack of a better term. CAs act as a third party that browsers (Google Chrome, Firefox, Microsoft Edge, etc.) recognize as trustworthy. Having them “cosign” your certificate means that browsers can trust your website because they trust the CA who vouched for you.

How do I get an SSL Certificate?

First, you’ve got to submit a CSR (certificate signing request) through your server to a trusted CA. The CSR will contain information including but not limited to: the name of your organization, your location, and your domain name. The CSR both helps verify the owner of the SSL certificate is a real, verifiable business and contains the public key necessary for SSL certificates.

A public key is a variable value which, through an algorithm, is applied to plain text to produce encrypted text. Once the CSR is sent into a CA, they are able to create a private key which matches your public key. The two keys work in tandem. The public key encrypts all the information a user inputs on your site. That encrypted information is deciphered by the private key which is only available to the recipient of that information (that’s you, the website owner!).

Once you receive your SSL certificate, you still need to implement it online by installing it on your server. Different servers have different rules on how to do this, but you’ll upload both your SSL certificate and an intermediate certificate which your CA will send. The intermediate certificate acts as another level of verification and ties your SSL directly to you CA’s root certificate.

How do I know if I have to make this change?

The easiest way is simply to look at your website’s URL while using a desktop or laptop. If it is prefaced by “https://” in green letters and a little padlock symbol, you’re probably in the clear. Unfortunately, even if you see “https://” you might only be partially secure

Can I get an SSL Certificate for free?

Ah, the always enticing free option. There are more than a handful of free options online for SSL Certificates. So why pay for one when there’s so many free options available? The answer is actually pretty simple. With SSL Certificates, just as with everything in life, you get what you pay for. Most free online options circumvent using trusted CAs in favor of letting website owners “self-sign” for their certificate. So, instead of the browser trusting a CA with whom they have a lasting relationship, they’re asked to trust you, an unknown website owner. Who can blame them for being skeptical?

That skepticism is bad news for you, because when users visit the site, they’ll get the same information you see on the United Nations website. Be a good website owner. Ensure your users’ information is safe. Pay for your SSL certificate. For a basic version it’s anywhere between $70-$150/year depending on your CA, and it’s worth it to save yourself from hacker headaches down the line.

All of that sounded like gibberish to me. What should I do if my site doesn’t have an SSL certificate?

Fix it.

Just kidding, we’re here to help. If you don’t have a tech savvy team member to help you out, try contacting the developer who built your site. Most web designers in Omaha and Lincoln would be happy to help you through the process of securing your site. If you can’t set up an SSL Certificate, need help finding a reputable CA, or want to talk web design, give us a holler. That’s what we’re here for, right? That and delicious chimichurri. I put that stuff on everything.