Viskas, ko reikia parduoti internetu

Set up an online store in minutes to sell on a website, socialinė žiniasklaida, or marketplaces.

HTTPS: How to Increase Search Engines’ and People’s Trust

How to Use HTTPS Protocol and SSL Certificates to Protect Your Online Store

17 min read

When customers buy something from your store, they share their private data – name, paštu, credit card details – with you. Kaip prekybininkas, you want to keep this vulnerable data secure from hackers, scammers, and data thieves. That is crucial for building trust with your audience.

You can and should protect your customer data and increase the trust in your business with HTTPS protocol and an SSL certificate. Not only can those tools improve security and increase your trustworthiness, they can also help your store rank better in search engines.

Jei tu sell online su Ecwid, you’ll be pleased to know that your customer data is already protected. Dar, using an SSL certificate can have a few additional benefits.

Šiame įraše, we’ll show you how the HTTPS protocol and SSL certificates work, and how you can get them for your website.

Understanding SSL Certificates and the HTTPS Protocol

On the internet, all data is transferred from device to device according to certain rules or protocols.

For websites, this protocol is called HyperText Transfer Protocol (HTTP). It transfers the data that your customers enter on your website to the server that hosts your website, and then it helps to send the response to the browser. Pavyzdžiui, the user presses a button and a new page opens, or they fill in the email registration form and see the confirmation of a successful registration.

The problem with HTTP is that it doesn’t protect any data that’s transferred from browsers to servers. Any data going through HTTP is essentially “naked”.

A good analogy is to think of two students passing notes across a classroom. Any of their classmates can read, kopija, or even replace the note. It’s the same with your customer data: a villain can steal credit card details and money from it.

That’s why a new protocol was created for protecting data: HTTPS (HyperText Transfer Protocol Saugus). With HTTPS, all data transfers between a user and a web server are encrypted. This encryption is so complex that it is nearly impossible to hack and use the data.

In order to use the HTTPS protocol, your site first needs an SSL (Secure Socket Layer) certificate.

An SSL certificate is essentially a key for encrypting data. It protects data on three levels:

  1. Data encryption. Hackers won’t be able to see what information a user entered on the site or to track user actions on a page. Think of it as a note written with a cipher – it can only be read by someone who knows the key.
  2. Data integrity. Hackers can’t replace or distort the transmitted data. Toliau, without knowing the key, it is impossible to write, Redaguoti, or manipulate the data, just like in a ciphered note situation.
  3. Authentication. SSL ensures that a user is on a trusted site and not on a hacker’s page. If just two participants know the key, they are sure to know from whom they received the note. A stranger cannot pass their own note and get the information by cheating.

You can see if a site is protected by an SSL certificate via the HTTPS protocol in the URL address. Most browsers indicate it visually in the form of a lock icon:

HTTPS lock icon

SSL certificates are distributed by special organizations – certification centers.

Who Should Use SSL (and Why)

SSL is required for sites where users were entering sensitive information – such as credit card details. E-commerce stores that do not want to lose their customers have been using the HTTPS protocol for a while already.

But often, online stores only protect registration and checkout pages with SSL, because those are the only places where their customers share personal data. The rest of the website often works on the insecure HTTP.

Šiandien, HTTPS is a must for every web page. There’s a number of reasons for it.

Browsers flag unprotected sites

Chrome and Firefox, two of the most popular browsers in the world, visually mark sites that don’t use SSL.

Insecure Http

For now, only a gray information icon is visible. But in the future, browsers plan to change the security indicator to a red triangle for pages on HTTP. Your customers are used to seeing this as a “warning” indicator.

Vadinasi, not using SSL can make people afraid of buying from your website.

Using SSL improves rankings

Back in 2014, Google announced that it would consider using SSL as a ranking signal. This meant that sites using SSL would get a boost in search engine traffic.

Payment service requirements

A growing number of payment services have HTTPS as a requirement for working with them. Pavyzdžiui, Apple Pay works only with HTTPS.

It increases trust

Concerns over payment security is one of the top 10 reasons for shopping cart abandonment. When you add an SSL certificate to your store, you visually communicate to users that their payment data are safe.

Secure sign on HTTPS websites

More trust, žinoma, equals more sales.

If you want your customers to easily find your store in search engines and trust you more easily, don’t put off switching to HTTPS.

How to Get an SSL Certificate and Switch to HTTPS

To switch to HTTPS, you first need to buy and install an SSL certificate on the website. This process can be either simple or more complex for some stores, depending on the kind of site you have.

1. You’re using an Ecwid Instant Site

Anyone who has registered with Ecwid gets a website with a built-in online store. This site is completely free for all users.

You might know this as the „Ecwid“ momentinė svetainė.

If you use this site, then you already have an SSL certificate by default. An online store on an Ecwid Instant Site conforms to the international standards for secure data transmission.

Try it right now – head over to your Instant Site and look closely at the address bar in the browser. You will see a green lock icon with the message “Secure” next to the URL. Rest assured that your online store is secure.

Secure sign

Do you want to link your Instant Site to your custom domain (so that it redirects to and not

You get a free SSL certificate for this action as well. Just follow these steps:

  1. Login to your Ecwid store, then go to Settings → Instant Site and click on theChange Address” mygtuką.
  2. Click on theUse your domainfield and follow the instructions that appear on-screen.

Instant Site Settings

2. You’ve added Ecwid on your own website

You can set up an Ecwid store on any site and be cool with customer data security. Pavyzdžiui, this can be a WordPress blog, an Adobe Muse Interneto svetainė, or your own static HTML page.

In case you’ve taken this route, you don’t need to worry about the safety of your customers’ data at all. Since the data is transferred via our highly protected servers, all the data is kept and processed on Ecwid’s own SSL-protected servers.

If you added Ecwid to your own website that doesn’t have an SSL certificate, your customers will not see the secure “lock” icon anywhere except during checkout, which they might find frustrating.

Here are a few ways you can buy and use SSL certificates for different website builders:

Wix: You can use an SSL certificate for free with Wix. You’ll have to first enable this certificate by going into the settings, then following the instructions.

Weebly: tu gali automatically add an SSL certificate to your Weebly site.

Joomla, WordPress, Drupal: you’ll need to buy an SSL certificate from your domain registrar or a hosting provider and install it on your website using the instructions (you’ll probably need a developer):

Self-built websites: buy an SSL certificate from your hosting provider/domain and install it yourselves or with the help of your IT guy.

Follow the instructions below to learn about the different types of SSL certificates and where to buy them.

Types of SSL certificates

Iš esmės, there are 3 types of certificates. They differ in speed of issuance and the extent of the seller’s inspections.

1. Certificates With Domain Validation (DV)

The simplest option. Once you buy a DV SSL certificate, you’ll get a link to verify the domain ownership on your listed email address.

DV is issued almost instantly. It is also the cheapest option, with some sellers even offering it for free.

2. Certificates With Organization Validation (OV)

To get an OV SSL certificate, you need to confirm the existence of your corporation or LLC, by giving the certificate-issuing authority the necessary documents.

An OV SSL certificate can take 1-3 days to get. This certificate always needs to be paid for.

3. Certificate With Extended Validation (EV)

An EV certificate can be recognized by the name of the company on a green background near the website address. You might have seen them on financial websites:

PayPal SSL Certificate

Before an EV SSL can be issued, the certifying authority carries out a thorough check. It can take 3-10 dienų, and even more, to get an EV certificate.

This certificate is best suited for banks and payment systems.

DV, OV, EV – regardless of what kind of SSL certificate you choose, understand that they all protect your data the same way. This is why you can use the cheapest option – a basic SSL with domain verification – without worrying about your security. You’ll need to renew your SSL certificate regularly – if the certificate is not renewed next year, not only do you lose your protection, but the site might not even open for most users.

An SSL certificate will cost around $50/year. Some providers sell more expensive variants, but you should avoid overspending. The basic data security offered remains the same, regardless of whether you buy a $50 or a $150 SSL.

Although some providers offer free SSL certificates, they are severely “watered down” variants without any benefits. You should not buy the first one you see.

SSL certificates are issued by “trust centers”. Some of the more popular trust centers are:

  • Comodo
  • Symantec
  • Digicert
  • Geotrust

You can buy certificates issued by these centers from domain registrars, hosting websites, and SSL resellers. Papildomai, there are also free certificates.

Below, we’ll help you understand the options better.

1. Buy an SSL certificate from domain registrar or hosting service

Most domain registrars and hosting services sell SSL certificates as well. Kai kuriais atvejais, the registrar might even issue a free certificate as a gift or purchase.

Buying from a domain registrar or a hosting service works great since it makes it easy to switch from HTTP to HTTPS.

Here are some popular options:

If your domain registrar or web host also offers SSL certificates, we recommend buying one from them, even if it is slightly more expensive. This will save you hours when it comes time to install the certificate and switch to HTTPS.

2. Get a free SSL certificate

If your web host/registrar does not sell SSL certificates or if your budget is limited, you can opt for a free certificate. Free certificates come in only one flavor – Domain Validation (DV). That is enough to protect the data.

We recommend the following services:


Cloudflare offers free SSL certificates with up to 15 years of subscription. Apart from data protection, it has other benefits like basic protection from DDoS attacks and the automatic speeding up of your website.

There are disadvantages as well:

  • It works only in new browsers. If your customers use older browsers (older than Internet Explorer 11, Firefox 2, Opera 8, Google Chrome v5.0.342.0, Safari 2.1, Mobile Safari for iOS 4.0, Android 3.0 (Honeycomb), Windows Phone 7), they won’t see “https” on your website.
  • One general certificate protects several sites at the same time. Though, it will protect your website just like an individual one.
  • Cloudflare will ask you to use their own server data and your website traffic will be going through the Cloudflare servers, which may cause a decrease in loading speed (though not necessarily).

These drawbacks are not critical, ir apskritai, Cloudflare is optimal for those who are not ready to spend money on an SSL certificate but want to start protecting their customer data. If you choose between remaining on HTTP or getting an SSL certificate from Cloudflare, we recommend you to choose the second option.

To get an SSL certificate from Cloudflare, Registruotis and follow the instructions.

Let’s Encrypt

This is a free service without Cloudflare’s cons, but it has its own limitations.

Let’s Encrypt offers certificates for three months only, so you’ll have to set up automatic renewal, which will require access to your website’s server settings (available on VPS hostings like Amazon AWS, Linode, Digital Ocean). That means you’ll likely need a system administrator.

There are two options for getting an SSL certificate from Let’s Encrypt:

  1. Manually on via the “Manual mode” section
  2. Semi-automatically or automatically (depending on your online store’s server software) via Certbot.

3. Buy an SSL certificate from a reseller

If you don’t want to spend time on adjusting a Let’s Encrypt certificate and don’t feel like using Cloudflare, you can buy an SSL certificate from one of the resellers:

Choose any reseller you like, and remember that there’s not much sense in buying the most expensive option since they will all protect your website just fine.

How to Not Lose Traffic When You Switch to HTTPS

When you switch from HTTP to HTTPS, the site address changes for search robots (iš This can negatively affect your rankings in search engines.

Skaityti Google’s recommendations for maintaining your ranking, and even making it better. We strongly recommend you read them to avoid losing customers if you install an SSL certificate on your own. You can also ask the support team of your site builder if these conditions were met with their HTTP → HTTPS migration.


Let’s sum up our recommendations:

  • If you use Ecwid Instant Site, you’re fine: the entire website is on HTTPS.
  • For Wix and Weebly websites, enable your SSL certificate in settings.
  • If you sell on your own website, check with your domain/hosting provider if you have an SSL certificate. If no, request for it.
  • If your domain/hosting provider doesn’t sell SSL certificates, get a free one on Cloudflare or buy it from a reseller.



Parduodu internetu

With Ecwid Ecommerce, you can easily sell anywhere, visiems – internete ir visame pasaulyje.

About the author

Anna is a content creator at Ecwid. She loves big cities, pasta and Woody Allen's films.

Ecommerce that has your back

So simple to use – even my most technophobic clients can manage. Easy to install, quick to set up. Light years ahead of other shop plugins.
I’m so impressed I’ve recommended it to my website clients and am now using it for my own store along with four others for which I webmaster. Beautiful coding, excellent top-notch support, great documentation, fantastic how-to videos. Thank you so much Ecwid, you rock!
I’ve used Ecwid and I love the platform itself. Everything is so simplified it’s insane. I love how you have different options to choose shipping carriers, to be able to put in so many different variants. It’s a pretty open e-commerce gateway.
Easy to use, prieinama kaina (and a free option if starting off). Looks professional, many templates to select from. The App is my favorite feature as I can manage my store right from my phone. Highly recommended 👌👍
I like that Ecwid was easy to start and to use. Even for a person like me, without any technical background. Very well written help articles. And the support team is the best for my opinion.
For everything it has to offer, ECWID is incredibly easy to set up. Highly recommend! I did a lot of research and tried about 3 other competitors. Just try ECWID and you'll be online in no time.

Your ecommerce dreams start here

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.
Your Privacy

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. Tačiau, blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information

More information

Strictly Necessary Cookies (Always active)
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Performance Cookies
These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.