Here’s the question from the Youtube commenter that I answer in the video below:
Great info, thanks for sharing. I’d appreciate your opinion on paid SSL vs the free options, are they better or not. Thanks again.
Secure Sockets Layer (SSL) is the method of securing the communications between your website and your website visitors. In the past, these certificates were primarily used on e-commerce sites where online purchases were made and the credit card transactions needed to be secured. Back then you were looking for that trusty ‘https’ at the beginning of your URL that would let online shoppers know they were on a secure site.
The number of website owners who installed SSL certificates started increasing in 2018 since popular browsers like Google Chrome and Microsoft Edge began alerting visitors when a site is insecure regardless of whether or not it is an e-commerce site.
Because of this, small businesses (even those not transmitting sensitive information) are installing now SSL certificates to avoid that warning and potentially scaring off visitors. Basically, we’re moving towards an internet where almost every site is secured with an SSL certificate. And that’s a good thing!
Free SSL Certificates
Your web host likely provides a free shared SSL certificate which covers your entire server. Keep in mind, that this often can’t be used to secure the actual website on your domain but likely just covers the entire server so that you can log in to webmail (https://webmail.myhost.com) or your control panel (https://cpanel.myhost.com) through a secured connection.
A similar example of this is ecommerce platforms like Shopify which offer free shared SSL certificates so that when a visitor goes to the checkout page, it automatically switches to a shared secured domain. Of course, this means visitors leave your domain to make their secured purchases, and it may become apparent to them that your site isn’t properly secured, leading to them deciding your site is no longer a good option.
There is another form of free SSL certificate provided by your host that will cover your domain. Some hosts provide SSL certs for up to 200 domains along with the hosting fee. This is actually what I provide to my clients. It’s the simplest option if you aren’t transmitting a lot of sensitive information., but it’s not available on all web hosts. If you’re interested in taking advantage of the secure hosting I offer, check out my Complete Website Package.
Paid SSL Certificates
When it comes to paid certificates, there are a few different levels and they depend on the validation:
DOMAIN Validation (DV)
This means that you only have to verify that you’re the owner of the domain.
EXTENDED Validation & ORGANIZATION Validation (EV)
This requires the purchaser to provide additional verifications such as a verified physical address. A good example of sites that need this additional verification would be bank websites.
As with most things, the paid version of SSL certificates is better than the free version but that doesn’t necessarily mean it offers more in the way of actual security. What you’re really paying for is the appearance in a visitors’ browser that reassures them of your trustworthiness. For example, most bank websites with the higher level of verification will have their verified organization name in them like the example below. This is the “Cadillac” of SSL security.
It all depends on what you’re doing and what type of site you’re running. In general, I would say every site should at least have a DV certification on their site to remove any warnings.
The first place you should check is with your host to see what certificates they offer. I would also suggest checking out LetsEncrypt.org as they offer free DV (domain validation) certificates.
I hope that answered the question. If you have a question of your own, please head to webeminence.com/we-ask-tv and post your question in text, audio, or video form.