WordPress Security – Secure Certificates & HTTPS


WordPress powers in excess of 32% of all websites on the internet. It’s a brilliant Content Management System (CMS) that can be used by anybody, regardless of computer literacy or familiarity with how to build websites.

This is WordPress’s greatest strength and its greatest weakness. Since so many websites use WordPress, it is targeted by hackers and other nefarious entities in several ways.

In the coming articles, we’re going to discuss what owners and operators of WordPress websites should be aware of from a security perspective and what they can do in order to keep their WordPress website running securely for their customers.

SSL Certificates & HTTPS

An SSL Certificate is often called a ‘secure certificate’, this title is a bit misleading as even with a secure certificate, a website can still be insecure because website security is not just a single thing with an easy fix.

Unfortunately, we must talk tech for a minute, so we understand what an SSL certificate does so please bear with me… An SSL certificate does not secure a website on its own, it encrypts traffic between a user and a server. So when you visit my website, https://www.websterinternet.co.uk, it uses cryptographic techniques to scramble the data that is passed from the website when your computer asks for it. Once it has been received, your computer’s browser will use the certificate as a key to decrypt the scrambled data and display the website. This happens extremely quickly, as computers are good at this type of thing, whereas humans are not.

A secure certificate protects against a specific type of hack, called the ‘man-in-the-middle attack’ – it stops somebody sitting figuratively between the server and your computer in order to spoof the website you try to access, to intercept your personal data. It is for this reason that banks have used SSL certificates for so long, as the SSL certificate guarantees that the user is shown the correct website.

Google loves security, as we know. They said in 2014 that they would be moving towards ‘SSL everywhere’ and that they would give websites using SSL certificates a boost in search ranking.

Google is all about trust – the reason why websites rank higher than others is nothing more than Google saying that one website is more trusted to provide you the information you requested over another.

Installing an SSL certificate is a great way to enhance your website’s trust factor with Google, but website owners can be a bit Google-centric in their approach and forget that it’s their customers who will eventually buy from them.

When a website has an SSL certificate, the address bar goes a lovely shade of secure green for visiting customers and this isn’t just for those websites that sell products and take card details – the latest versions of all web browsers are showing those without SSL certificates as “Not Secure” so if your address bar doesn’t go green when you load it, let us know and we can help you out!

Find out more about WordPress security in the next article which will discuss the most important and easiest way to secure any WordPress website.

 

Want to do business with a company that can walk the walk? Get in touch.

Webster Internet can advise on building websites, maintaining and promoting them. With the experience of having launched in excess of 100 websites, we can help you with your next project!

Please sign up for our Website Healthcheck – It checks your website on over 50 metrics and we’ll even visit you to chat about the report for an hour with you for free. It could be your most profitable hour ever

 

Does your business need a new website?
Is your current website working hard enough for your company?
Is your website mobile friendly?
Are your e-mails flaky or your website often down?
Webster Internet can provide perfect solutions to all of these issues and more.
Get in Touch