Revelations like Edward Snowden’s about NSA spying, and Google’s announcement that it will begin considering a site’s HTTPS status in its rankings, led to a lot of talk about moving websites to secure connections. Similarly, the rise in ecommerce, and the simplicity with which one can accept payments online, has increased the need for sites to be available securely. With so much terminology that’s likely new, often very similar, and rarely more than a stream of initialisms, this entire discussion can be very intimidating. I’ll clarify basic terminology, offer some reasons why it’s worthwhile to secure a site whenever possible, and share several solutions to cover everything from simple to enterprise needs.
While securing a site can be intimidating at first, the recent introduction of Let’s Encrypt (https://letsencrypt.org/) significantly simplifies the process for most sites. Many hosts have introduced support for this service, which I’ll discuss before delving into options for sites and circumstances that aren’t suited to Let’s Encrypt.