Many professional pearl and bead stringers maintain their own websites – as I do – to introduce themselves and to acquaint potential clients with their jewelry.
In my case, the idea is to introduce myself and to describe as thoroughly as possible the various products I offer for sale.
If someone is interested in purchasing any of these products, they click on the Paypal button and are taken to that site where the actual transaction is made. Paypal is of course a trusted platform for making payments over the internet and in addition to serving people with Paypal accounts, also accepts credit cards from people without those accounts. (I posted the Paypal logo opposite in the remote chance that a reader may not be familiar with PayPal.)
In other words, I do NOT actually make the sale. Nor do I collect any transactional information on anyone buying a product from me. I couldn’t if I wanted to because the ACTUAL transaction is made off my website and on a site which specializes in internet purchases and which is well known for its commitment to security. As a seller of products on the internet, I have that obligation to clients to ensure that their information is secure and PayPal has earned my confidence as it has tens of thousands of other small merchants.
(Stay with me here. This is not a paean to PayPal. If you maintain a website, there’s a high probability you might want this information.)
Enter Google & SSL
While I do not follow the rumblings of Google in the way that experts do, I maintain my own website and as a consequence notice major shifts in Google policy especially as they affect the functioning of my website.
In the past few months I’ve become aware that Google is indicating that website owners should add what’s called a “secure socket layer” or SSL to their websites to encrypt and protect information that is collected by that website. To signal to website visitors that their information is protected, websites who add this SSL will have a lock in the upper left corner and https:// in the url itself. The configuration will look like this:
Notice the lock on the left; the “Secure” language and the fact that the URL has changed to https://
I admit to an initial reluctance to begin to navigate the always complicated process of changing the basic structure of the website. Surely, I reasoned, this recommendation would not apply to an informational site where transactions occur on another site.
“Oh, yes, it does,” said SEO experts. “If you don’t comply, visitors to your site will get warnings that look like this:”
I’d be worried if I saw that kind of warning on any site I visited. In addition, when I researched the issue, I was assured by experts whose prose I had difficulty reading that the SSL was necessary and important. So, scared by the warning messages, bullied by Google and advised by SEO experts, I decided to acquire SSL even though I was and am perplexed about the need for one.
Not being familiar with SSLs or how to install them, I did what most people do when they want to acquaint themselves with a new subject, I went to Youtube.
There, I learned that SSLs can be obtained in one of two ways. You can get a free one from several sources. In addition, some, but not all, web hosting companies offer free SSLs. Second, of course, you can buy one.
I quickly learned that my web hosting company, Hostgator, does NOT offer free SSLs. So, feeling injured because I was bullied into this in the first place and because I dislike being compelled to spend money, I went for the free SSL from a company called “Cloud Flare.”
Thus, I inaugurated ten days of pure “webmaster” hell as my site became, first, inaccessible to me through the administrative back end and then began to reflect the most dire warnings Google can devise on the front end.
After trying repeatedly to uninstall the SSL from Cloud Flare, I contacted my hosting company, requested that they uninstall it and, of course, bought the SSL which was in the neighborhood of $40.
I will not bore you with details, but will tell you it took about 10 business days to resolve the damage to the website and install the new SSL so my site reflects the new level of security Google is insisting upon.
I (apparently mistakenly) regard myself as having at least some competence when it comes to navigating Google headwaters. I’m obviously wrong! So, I have two bits of advice.
First, whether you think it’s important or not, I strongly recommend you incorporate an SSL into your website. You just can’t fight city hall. You just can’t. This is google’s play pen and it makes the rules.
Second, please, please avoid the mistakes and worry I brought upon my myself. Skip the well-meaning people on youtube and go directly to your hosting company and, if necessary, buy the SSL. Then let them install it.