- Joined
- Dec 22, 2015
- Messages
- 287
- Points
- 0
Having an SSL certificate is useful for installing trust in your users because their sensitive private information is encrypted.
But really, unless someone has access to that persons router, or has hacked the site, nobody can sniff and steal your site users data anyway so SSL in some cases is just overkill.
Really SSL, is just for the really paranoid people and also, it's heavily marketed like YOU NEED IT, YOU MUST HAVE SSL or face DOOM!
No. That's just a marketing ploy used by SSL providers/resellers into making you think that you-must-have-it.
But having an SSL certificate doesn't just mean that your users information is encrypted and giving them some level of peace of mind.
While it can offer some level of protection, remember, like anything, it's never truly 100% reliable and the ONLY thing you might need to do to prevent packet data theft taking place anyway.
There are actually some caveats to having and using SSL on your WordPress site.
Pros and Cons to Using SSL with WordPress
Pros
Some questions I still have about it all which you may have.
When and where on your site is a good time to use SSL?
Should you only use SSL when it's needed or should you use it all over your site at all times?
Example; registration/login pages, checkout/cart pages, customer accounts, WP backend etc.
If the answer to them is yes, what are some effective ways of managing that? Is it done with htaccess, wp-config, some plugin or other method?
If it can be done with a plugin, which plugin is recommended for it?
If its recommended to use SSL all over your site all the time, then your main URL is https so should you use some redirect method to redirect all http traffic to https?
An off-page question. Which URL should you use when building links? The http or https URL?
Well thanks for reading and thanks for your answers and insight into this.
Hopefully we can all learn a thing or two from it. :smart:
But really, unless someone has access to that persons router, or has hacked the site, nobody can sniff and steal your site users data anyway so SSL in some cases is just overkill.
Really SSL, is just for the really paranoid people and also, it's heavily marketed like YOU NEED IT, YOU MUST HAVE SSL or face DOOM!
No. That's just a marketing ploy used by SSL providers/resellers into making you think that you-must-have-it.
But having an SSL certificate doesn't just mean that your users information is encrypted and giving them some level of peace of mind.
While it can offer some level of protection, remember, like anything, it's never truly 100% reliable and the ONLY thing you might need to do to prevent packet data theft taking place anyway.
There are actually some caveats to having and using SSL on your WordPress site.
Pros and Cons to Using SSL with WordPress
Pros
- Trust factor - When your buyers can see that you've made the site secure for them to use with the little green padlock icon in the address bar this installs trust in your sites users/buyers.
- Transparency - By having an SSL certificate, your sites buyers know you are who you say you are and they are buying from a site who has a legally binding contract with the SSL provider.
- Data protection - Your sites users/buyers are "guaranteed" by the SSL provider that their data isn't going to be intercepted and used illegally.
- SEO - We all read the announcement Google made about how they're using HTTPS and SSL as a ranking factor in the SERP's.
- Usability - Can be difficult for newbies to understand and set up on their site without the help of a professional. However these days it's much easier and doesn't have to be complicated.
- Cost - While no more expensive than a lunch, and renewal costs no more either. There is still some cost to it from the start unless you go with free option but that's never recommended for serious sites.
- Warning messages - If your SSL isn't set up right, sometimes your visitors may see a warning page telling them their data isn't protected which can scare some people away who don't understand from using your site.
- Caching - Encrypted content isn't cached and this can be a problem if you're using some complex caching method that can cause conflicts and problems with using the site.
- Resources - While properly setup SSL certificates these days aren't as resource hogging as they were 10 years ago, if you don't have big resources but a lot of request, your site might feel the strain and become slow.
Some questions I still have about it all which you may have.
When and where on your site is a good time to use SSL?
Should you only use SSL when it's needed or should you use it all over your site at all times?
Example; registration/login pages, checkout/cart pages, customer accounts, WP backend etc.
If the answer to them is yes, what are some effective ways of managing that? Is it done with htaccess, wp-config, some plugin or other method?
If it can be done with a plugin, which plugin is recommended for it?
If its recommended to use SSL all over your site all the time, then your main URL is https so should you use some redirect method to redirect all http traffic to https?
An off-page question. Which URL should you use when building links? The http or https URL?
Well thanks for reading and thanks for your answers and insight into this.
Hopefully we can all learn a thing or two from it. :smart: