October 4, 2018 How to Secure Your Website
How to make sure your church website is secure and within Google regulations.
Securing your website used to be a concern only if you were accepting or accessing sensitive personal data, such as processing credit card payments or allowing users to log in to your site.
However, in recent months, some web browsers have started to alert users if a website is "not secure," even if there doesn't appear to be an immediate concern about personal information being captured.
The language is provocative! A site that's labeled "not secure" sounds like an active threat to visitors, even though it most likely just means that the website does not use a SSL certificate to encrypt information being sent to and from the site visitor. You can check your site's security status if you're not sure.
If you see a similar warning on your own website, securing your site is easy and affordable, following these 3 steps:
- Obtain a Certificate Signing Request, or CSR. This will need to come from your website hosting provider.
- Using the CSR, purchase a SSL certificate. There are many vendors that can provide a certificate, and prices vary. We recommend RapidSSL, Comodo or GlobalSign. If you manage your own web server, the free and open source Let's Encrypt certificate may also be a good option for you.
- The certificate vendor will need to verify your ownership of the site. Once that has been done, they will generate the certificate files, which you can then send back to your hosting provider, who will install them on the server.
After that, you should see a "Secure" notification letting you and your site visitors know that your website is secure!
