If your site doesn't have an SSL certificate, you should seriously consider getting one in the near future.
An SSL can help protect your customers' data, and it may well give you a ranking boost in Google's search results.
This article will explore the most important advantages and disadvantages of getting SSL for your Joomla site.
What is an SSL Certificate?
When a user accesses a web page, the web server sends the relevant information to the user's browser. HTTP is one of the transfer protocols used to send information between the browser and the server.
When the information travels via HTTP, it's plain-text. In other words, the information is exactly as it is and anyone in the middle of the network connection could read it. This presents a security risk.
HTTPS solves this issue by encrypting the data. A handshake occurs between the server and the user's browser, so that only they can read each others messages with their respective keys. The keys unlock the encrypted message and reveal the information.
Advantage #1: Security
SSL protects you, your users, and your server. If your login information is being sent via plain-text and you're in an insecure WIFI area, a hacker could steal your information on the network.
It also privatizes your user's browsing. Third parties on the network won't be able to determine what activity the user is engaging in your website. For example, Facebook's SSL makes it so that the user's messages are securely transferred, rather than read by someone at the same coffee shop.
Advantage #2: SEO
Google penalizes your site if it doesn't have an SSL certificate to support important pages that accept user data. You'll get an SEO boost if you switch your site to SSL on every page.
Advantage #3: Customer Trust
More and more users understand the importance of SSL, especially when shopping online. They want to see the green security lock.
If the browser address bar is red with a large warning, they are significantly less likely to engage with your site.
Disdvantage #1: Cost
Getting an SSL certificate usually costs $15 to $99 per year. Fortunately, there's a new, reliable service available that's 100% free: https://letsencrypt.org
Disadvantage #2: Extra setup time
The first time setting up an SSL certificate can be tricky.
Fortunately, most hosting companies make the process easy. My advice is to talk to your hosting company and ask them if Let's Encrypt is available as an option. For example, Rochen has made it super easy to install a Let's Encrypt certificate and for free.
Even if they don't have Let's Encrypt available for free, they should have a paid service available to buy and install the certificate for you.
Once SSL is setup on the server, you'd need to redirect everything to SSL. Usually just two things are needed:
- Redirect everything to SSL via htaccess
- Change Joomla's Force SSL setting in the Global Configuration:
All in all, it can take anywhere from 15 minutes to several days, depends on your host's response times, available services, and your experience.
Disadvantage #3: Performance
Technically, connecting via https is slightly slower, since there needs to be an authenticating handshake between the server and user. This requires more server resources.
But, for modern computing and networks, it's negligible. A user won't notice the difference and neither will your servers in almost all cases.
For most sites, the pros will heavily outweigh the cons.
It's worth the extra effort and has a big, positive impact on your site and for your users.