Menu Show


HTTPS & SSL Certificates Explained: Website Security 101

If you seek a simple yet profound understanding of SSL certificates, then you've come to the right place. In this post, we'll explain HTTPS and SSL/TLS certificates in language that you can easily understand. That’s why we have “HTTPS and SSL certificates explained” in the title. But before we dive deep into SSL certificates and how they work, let's first have a look at how the world looked before SSL certificates.


TLS vs SSL vs HTTPS: What’s the Difference?

TLS, SSL, HTTPS. TLS vs SSL. SSL vs HTTPS. Acronym soup. The world of website security acronyms can be almost as annoying as that Deangelo Vickers character from the TV show “The Office” if you’re just getting to know about it. Although Deangelo Vickers will always win this battle, in my opinion, at least we can turn him off and watch something else. But when it comes to the acronyms and lingo of the cyber security industry, there’s no option but to learn suck it up and learn them. So, let’s get started by talking about each and what the difference is between SSL and HTTPS, and where TLS fits in.


Why Should I Pick HTTPS Instead of HTTP for My Blog?

In the battle of HTTPS instead of HTTP — or vice versa — which comes out on top? Whether you’re holding off on HTTPS because of the rumored costs associated with the protocol or you simply don’t want to go through the hassle of making the switch, it’s something that you need to do. Google deemed it necessary and made it mandatory in 2018 — other major browsers followed suited.


TLS vs SSL vs HTTPS – What’s the Difference?

That’s a great question. Over the past several years, Google and Mozilla have led a push that encourages all websites to switch from HTTP to HTTPS. This has led to a lot more awareness around website security and internet encryption, but many people find the acronyms a bit confusing. And, quite frankly, we can’t blame them — there are a lot of abbreviations to keep track of when it comes to website security! Let’s break down TLS vs SSL vs HTTPS in simple language.


How To Add HTTPS Security To WordPress

WordPress HTTPS

With Google pushing all websites to switch to HTTPS, many website owners are making the jump to add HTTPS to WordPress. Here's how to make the switch to HTTPS, step-by-step.


What We Learned About WordPress Security From Crawling 24,000 Websites

WordPress Security

Half of websites use outdated WordPress versions; Only 1/4 of small websites use HTTPS

Concerned about protecting the security of your WordPress website? You should be! Thousands of websites are hacked every day, and because WordPress is used by about 30% of the web it’s a favorite target for hackers. Perhaps the most dramatic illustration of this was the 2017 vulnerability that led to over 1.5 million websites being hacked, but less dramatic (but no less harmful) hacks occur constantly.

That’s not to say that WordPress can’t be a secure, reliable platform for your website to run on. It definitely can, if proper security measures are taken. As this study shows, though, far too many site owners are not taking even the most basic security steps.

WordPress isn’t inherently less secure than any other platform, but with the volume of WP sites out there, coupled with far too many site owners neglecting their WP sites, well…there’s a lot of low-hanging fruit out there for hackers to exploit. –Ken Dawes @ The Web Mechanic

Why Are WordPress Updates So Important?

One of the simplest ways to avoid becoming a victim of hacking is installing the latest updates for WordPress, plugins, and themes. These updates often contain patches for security vulnerabilities found by hackers or researchers. (One popular vulnerability database lists over 11,000 known vulnerabilities that have been found in older versions of WordPress and its themes and plugins.) The quicker you install the updates, the more likely you’ll protect your site before a hacker gets around to targeting you.

About 1/2 Of Websites Use An Outdated Version Of WordPress

We analyzed the Quantcast top 10,000 WordPress sites on April 5, 2018 to determine which version of WordPress the sites were running. (The latest version (4.9.5) had been released 2 days earlier on April 3rd.) We found that 49% of the sites were running an outdated version of WordPress:

  • 51% were using the latest version (4.9.5)
  • 15% were using the previous version (4.9.4)
  • 34% were using older versions (4.9.3 or before)

wordpress security study top 10k sites

Many Sites Are Very Slow