Google now requires that everyone encrypt their websites. It’s a good idea, but it isn’t free and you can thank Google for making your website cost more. To stay in the game you need to purchase an SSL Certificate which will encrypt the link between your web server and a browser. It puts the little padlock icon in the browser search box next to your website’s domain name.
SSL Certificates are renewed once a year and can cost between $50 to many hundreds of dollars. Why are they so expensive? Beats me. eCommerce websites owners have been paying this for years at GlobalSign ($249/year), DigiCert ($175/year), Thawte ($149/year) and the like. For me, I think $50 per year is reasonable for securing an average website.
The whole SSL industry is full of incomprehensible techno jargon and while they say SSL Certificates are easy to install prepare to spend a whole day with a bottle of aspirin. I am amazed how long this process has been around and has never improved.
The good news is that there are some website hosting companies that are finding an opportunity with this new Google mandate. WordPress is getting script bloat which makes it slower on cheap servers. So if you are looking for speed, you will need to pay little more maybe even double what you are paying each year for web hosting. So when you are shopping for a speedy website host company also look for a Free SSL.
Make sure it is a full fledged SSL and not a shared SSL. The reason is that a shared SSL will redirect your domain to a shared domain. Not good for branding your business.
LetsEncrpt started offering free SSL certificates to help with this effort in late 2014. It is supported by all the biggies on the web like Mozilla, Akamai, Cisco and even Facebook. If you happen to browse over to their documentation on how to get one of these make sure you have that bottle of aspire ready. You won’t be able to do it. But if you have the right website hosting account it may only be a click or two away. I discovered such a website host company called WPXhosting and was delighted. Their servers are fast, service is good and they have a quick click to SSL built into their dashboard. As this becomes more important, I am sure GoDaddy and others will come around with their own value add for SSL, but watch the fine print.
What fine print?
Like you need a dedicated IP address to implement an SSL Certificate. That will make your shared hosting of $60 a year inflate to $140 or $180. This will all depend on the products that the website hosting company is offering. In the case of GoDaddy you will either add the dedicated IP expense and SSL Certificate or move up to one of their more expensive hosting packages that include SSL but watch the fine print again: “Free for the first year.”
I have found that it is possible to get a Free SSL certificate installed on a web host account with Cpanel. This is a very common configuration and if you don’t know about it probably your web person does.
The problem with Free SSL certificates is that they need to be revalidated every 60 or 90 days. They are usually used for testing purposes. If you are lucky enough to get one installed you would need to revalidate the certificate 4 times a year. If you get a Free SSL through your web hosting company, wow just found another one at WPEngine, they usually have partnered with LetsEncrypt and have a script that auto validates the certificate.
If you do end up paying $50 or $70 per year for SSL on your website know that you are getting a good deal. Others are certainly paying much more. With your website secured by SSL you will be able to enjoy more Google juice than the other websites that are not secure.