SSL (Secure Sockets Layer) is the web security technology for establishing an encrypted link between a web server and another browser. The SSL certificate is a mechanism that ensures that all data passed between a web hosting server and a browser remains private. If your site isn't utilizing SSL encryption your users will get a big fat "Not Secure" nastygram in their browser when they go to your website while using the Chrome Browser. Even if there is no real need for your site to obtain an SSL because you don't transmit any sensitive information. This kind of stuff is really irritating because Google is forcing you to get something that you might not need and that isn't right.
Most SSL certificates will cost you money and it is a recurring fee that you are required to pay every year. One way around the cost is to utilize Cloudflare as your content delivery network and then utilize their "shared" SSL certificate. Or another way is to utlize a free service called Let's Encrypt. If there are any additional free options please leave them in the comment section below.
This is another thing that I find interesting is that Google the search engine giant will punish your site if it is loading slowly. Did you know adding an SSL certificate to your site will probably cause it to slow down because that is the nature of the SSL certificate? So in one hand Google is forcing you to get something on your website and then on the other hand they may punish you for a worse performing site. Folks I can't even make this stuff up. This feels like we are riding the "crazy train" , I mean who does this kind of stuff? Once again Google used to have that "Do no Evil" moniker, but this sounds kind of evil especially for business owners that don't need a SSL to begin with. Don't get me wrong SSL certificates are important for any online site that deals with sensitive information or logins. So, I'm not diminishing the importance of an SSL, but a vast majority of the websites on the interwebz doesn't have logins or secure information.
One way to keep the SSL certificate from slowing down the performance of your site is to see if your website host is utilizing http/2 insteand of http. HTTP enables the retrieval of network connected resources available across the cyber world and is the basis for the internet. The main limitation with HTTP is it only allows the retrival of one stream of data from a web server at a time. HTTP/2 allows multiple streams of data to be pulled down from a server therefore speeding up the loading of a webpage. FYI, for all you really techy guys out there this is just a cliff notes version of HTTP I'm sure I'm leaving a bunch out but this is the general gist. So in the end if you add both an SSL certificate and pair it with a web hosting company that also utilizes HTTP/2 this will offset the performance issue that an SSL certificate causes. That being said most commercial web hosts don't utilize HTTP/2 especially for small businesses that are utilizing shared hosting. I truly believe that if Google was going to be fair in enforcing the SSL rules then they should also force web hosting companies to utilize HTTP/2.
Comments
Feb 06 2020
This test verifies that you accept a Webmention request that contains a valid source and target URL. To pass this test, your Webmention endpoint must return either HTTP 200, 201 or 202 along with the appropriate headers.
If your endpoint returns HTTP 201, then it MUST also return a
Location
header. If it returns HTTP 200 or 202, then it MUST NOT include aLocation
header.