Your church web hosting company can have a huge impact on how you secure your website is, because every web hosting company handles SSL certificates differently.
SSL Certificate Overview
An SSL certificate is what encrypts data sent to and from a website. Websites with an SSL are accessed using https:// while websites without an SSL are accessed with http://
Just a few years ago, the general consensus was that only websites that sent and received private information like credit cards, social security, and account information needed to an SSL certificate to encrypt data.
Today, we recommend every website have the security of an SSL certificate. What’s changed?
- Website Security – Even if your church website only provide information about services and ministries, your website has a login page. Without an SSL certificate, your username and password are transmitted unencrypted and vulnerable to hacking.
- Google Chrome – Google decided it wants every website to have an SSL certificate, so they updated their Chrome web browser to show “not secure” in the address bar of every website that doesn’t have an SSL. So, now if you don’t get an SSL certificate, you may end up scaring away visitors.
- Google Search – Google also decided to give a boost in search rankings to sites with an SSL certificate giving added incentive to get one for church SEO reasons.
The 5 Steps to Setting up an SSL Certificate with a Church Website
No matter what company provides your church web hosting service, there are 5 basic things that must be done to get an SSL certificate working with your website.
1) Purchase the SSL. Some web hosting companies are partners or affiliate of SSL certificate providers which enables their customers to purchase an SSL from the hosting company. If not, you have to find an SSL certificate company and purchase from them.
2) Configure/Verify the SSL. Once the SSL is purchased, you have to provide information about your organization and verify you own the domain name for which the SSL was purchased. This can be complicated. It’s a good idea to find out if a web hosting company will do this for you, or help you with it if you have to do it yourself and run into problems.
3) Install the SSL. The SSL certificate then needs to be installed on the server where the website is hosted. Again, this can be complicated. Some web hosts will do this for you, others don’t.
4) Update Your Website to HTTPS. Once the SSL certificate is installed and working, your website will be accessible at https:// URLs. However, the menu and other links on your website which were originally http need to be updated to https. OurChurch.Com does this for its clients, but I’m not aware of any other web hosting company that does.
5) Redirect http to https. Even after you update the links on your website to https, the pages of your website will still be accessible at the old unsecure http URLs. To stop this, some code should be added to the .htaccess file to redirect all http URLs to https. This is something OurChurch.Com does for its clients, but I don’t believe any other church web hosting companies do this.
When deciding on a church web hosting company, it’s important to consider whether you want to go with a company that offers a “full service” SSL certificate, where they take care of the configuration, verification, installation, website update and redirect, or whether you’re ok with doing all of those things yourself.
Peace be within your walls and security within your towers! -Psalm 122:7
Read more about the 9 Factors to Consider when Choosing a Church Web Hosting Company
- Do you have an SSL certificate for your church website?
- What questions do you have about SSL certificates?