How to Get the Best Shared SSL Hosting
What is Shared SSL Hosting?
If you need SSL on your website, there are many hosts who can provide it for you. In this article, I will explain its features, what to look for and how to the find the best hosting for your needs.
Let's take a look at the why Shared SSL hosting could be right for you...
What is Shared SSL?
Secured Socket Layer (SSL) is a cryptographic protocol that provides communication security over a local computer network or the internet. An SSL certificate is an electronic document used to validate and bind the identity and the ownership of an organization with a cryptographic key, thus enabling secure and trusted communication.
SSL certificates are issued by the Certification Authorities (CAs), who make sure that certificates are issued only to legitimate businesses and websites.
Traditionally, SSL certificates are issued for a single domain, but many other options exist when purchasing an SSL certificate.
Namecheap now gives their Shared SSL certificates for free.
Most hosting providers offer two very different types of SSL certificates for their customers - private SSL certificates and shared SSL certificates. With inexpensive shared hosting plans, customers usually get a shared SSL certificate for their website.
5 Reasons Why You'd Need an SSL Certificate
SSL certificates were primarily used on e-commerce websites that process hundreds of credit card transactions on a daily basis. But, nowadays, more websites are starting to use an SSL certificate and switching to HTTPS which is the standard HTTP (HyperText Transfer Protocol) plus SSL (Secure Socket Layer).
Let's take a look at and sum-up the immediate benefits of having an SSL certificate as a webmaster:
- Encryption of Information: information is harder to track/steal
- Phishing Protection: phishing scams rarely obtain an SSL certificate - protect your customers
- Authentication: due to mediation between browsers and your SSL, customers can verify your site's legitimacy
- Visitor Trust: build a general sense of trust with new visitors
- Improves Brand Trust: Create a healthier brand by associating it with trust and reliability.
SSL certificates encrypt all information that's sent between a visitor's' browser and your website's server, including personal and financial information. That information usually travels from computer to computer to get to the destination server.
Problems With Not Having an SSL Certificate
Without an SSL certificate, information such as usernames, passwords, credit card information, and other sensitive information can be read by any computer that's between your visitors and your server.
Even if you're not selling anything online, you still need an SSL certificate if you require visitors to fill out a form on your site, register for a membership area or collect information from them in any other way.
Here's What Your Shared SSL Hosting Needs To Offer
Many shared hosting packages include access to a shared secure sockets layer (SSL) certificate useful for creating a secure connection for website maintenance, or to use on a trial basis when setting up payment systems. The shared SSL isn’t always widely advertised, so be sure to ask candidate hosting providers about availability and the procedure for using the shared SSL. We recommend BlueHost for hosting that includes access to a shared SSL.
Find The Best Shared SSL Hosting For You
Shared or Private SSL
A shared SSL certificate points to the hostname of the hosting server and binds to the company name of your hosting provider; it is also shared by all websites hosted on that particular server.
Shared SSL may sound like a budget solution, but it's still sufficient for most users that merely need to secure the administrative part of their websites, such as the control panel.
When Not to Have a Shared SSL Certificates
If your website is geared towards e-commerce, or if it collects sensitive personal data from your visitors for a different reason, using a shared SSL certificate is not recommended.
This is because shared SSL certificates point at your hosting provider, not at your company and your website. It breaks the trust of the customers and does not validate your website and company as being unquestionably legitimate.
Namecheap offers a variety of premium SSL certificates.
If you use a shared SSL certificate, your domain will not be listed correctly in the address of your e-commerce cart. It will display the hostname of your server instead, and if the customers notice that the URL in the cart has changed, they could potentially see that as a red flag. Ultimately, you will need to get a private SSL certificate to create a serious, trustworthy e-commerce website that will instill confidence.
How to Choose Shared or Private
To know what benefits you the most, you must first familiarize yourself with your website and where it may be in the near future:
|Who is it worth it for?||Website Size||Visitors||Website Type|
|Shared SSL||Small to mediocre sites||Low volume||Leisure or hobby|
|Private SSL||Larger or growing e-businesses||High Volume||E-commerce, shop or affiliate venture|
A private SSL certificate is a more expensive option, but it validates and identifies your business and domain as being legitimate, and gives your customers a greater feeling of security and trust. With a private SSL certificate, your domain will be correctly listed in the address of your e-commerce cart.
Browser Warnings with Shared SSL
Using Shared SSL in combination with your domain name will always create browser warning pages. Instead of displaying the requested webpage, Internet Explorer displays a warning similar to "There is a problem with this website's security certificate", while Firefox prompts "This connection is untrusted".
You can see an obvious problem here: Your users probably don't know much about SSL and underlying technology used on your site, and all they see are browser warnings, telling them your site can't be trusted!
In order to use the Shared SSL without browser warnings, you must use your hosting provider's secure server hostname in the URL instead of your domain name, plus your control panel username, similar to:
This way, you will avoid browser warnings, but your control panel username is now exposed and visible.
Why Not Use Private SSL Instead?
Because it's simply not an option for many people. It costs more, yet many small sites don't need it. Sure, it would boost security, but in most cases, it would be overkill.
Learn about SSL certificates on Namecheap before committing to a purchase.
Think of it this way: If you're building a small hobby site, you don't need a dedicated server, nor would you stand to gain much from having one. Yes, your site would probably work a bit better, but it wouldn't make any financial sense.
5 Questions Before Buying a Private SSL Certificate
The same is true of private SSL because a lot of sites simply don't need it and wouldn't gain much if they implemented a private SSL certificate. Prior to committing to a private SSL certificate, ask yourself 5 questions:
- Is my website busy enough for a private SSL certificate to matter?
- Am I getting any prominent visitors/
- What do I lose if I opt-in for a shared SSL certificate instead?
- Will I be at a loss if I buy a private SSL certificate?
- What are my overall advantages/disadvantages of either choice?
Following some research, as well as reading this page, you should be able to answer most of the above - providing you have a decent knowledge of your own venture.
In any case, this is more of a philosophical exercise because small sites are usually hosted on shared servers and come with shared SSL as standard, so private SSL certificates aren't even a viable option for such sites.
Moving Forward with Shared SSL
Even though it's not sufficient for some use-cases, shared SSL is anything but useless. It does an admirable job of securing the administrative access to your website and it keeps millions of small sites safe.
However, it is simply not meant for public use, e.g. for website visitors.
Keep in mind that shared SSL certificates are usually only available with shared hosting plans. Many hosting companies include free shared SSL certificates with their shared hosting plans, while others charge a small fee to activate shared SSL on their plans.
Private, or dedicated SSL certificates come with a substantially higher fee, but if you're building an e-commerce site, they are a vastly superior solution, as they can make a huge difference in user confidence. Buyers don't like security warnings, which is why private SSL is a must in the e-commerce niche (and a few others).
My Top Three Shared SSL Hosts
With all the choices for shared SSL hosting, it seemed reasonable that I start you out with my three favorites. They are a good place to start. And you can move out from there.
If you want a host that's budget-friendly then Bluehost is a clear choice.
It offers affordable shared hosting plans and an intuitive account area. You can use the free site builder to create a simple website or opt for a one-click WordPress install if you'd like a more robust platform that's still easy to use.
Bluehost also offers a free domain name, 24/7 customer support, and MOJO marketplace integration where you can find hundreds of templates, themes, plugins, and extensions for your site.
iPage markets itself as the beginner-friendly hosting provider, aimed at freelancers and micro-businesses.
Unlike many other hosting companies, it uses languages most of us can understand and offers unlimited disk space. You can host unlimited websites and use a one-click installer to get your site up and running on WordPress, Drupal, Joomla, and other CMSs.
You'll also get a free domain name and access to free marketing tools which could give you the initial boost when you're trying to get your website off the ground.
Go with A2 Hosting if you care about the environment and want your website to load fast while enjoying the benefits of a free SSL certificate.
All accounts come loaded with cPanel and optimized Softaculous installers for WordPress, Joomla, and hundreds of other applications which improve website performance and security.
You can transfer your site for free and get a dedicated IP address for an additional, affordable fee.
Pros and Cons of Shared SSL Hosting
By this point, you should know that you need an SSL certificate. But should it be private or shared? Here are the pros and cons of getting a shared SSL certificates.
- Available for free or a small fee on most shared hosting plans
- Keeps the administrative area of your hosting account safe.
- The URL in the address bar changes to reflect the server name of your hosting provider
- Cause browser warning which can be avoided if you point users to your web host's secure server hostname
- Security warnings and URL change can cause distrust in customers
- Shouldn't be used to encrypt credit card information or process credit card transaction.
Shared SSL Hosting Frequently Asked Questions
What is SSL?
SSL stands for Secure Sockets Layer. It is a technology for setting up an encrypted connection between a website visitor and the website itself.
What is Shared SSL?
Shared SSL is having SSL when your website is hosted on a shared server.
Why would anyone want shared SSL?
If you're logging into the admin panel on your website, you want that to be as secure as possible. Shared SSL can make sure it is. If you're running a small business and need a secure site for your employees to share information, shared SSL can be an inexpensive solution. Shared SSL can be used for a number situations where you don't require public access.
It cannot be used for public access. For that, you would need an SSL that is specific to your domain — a private SSL certificate. That would also require that your shared hosting account have its own (non-shared) IP address.
Why do I have to go to my host's subdomain instead of my own when accessing my SSL protected admin area?
Shared SSL utilizes the domain name of the host, so it makes sense for hosts to utilize their own domain when providing free SSL-secured access to admin panels. If your admin panel was accessed through a sub-domain of your own, you would receive a warning every time you tried to log in because the domain would not match the certificate.
How long does an SSL certificate last?
SSL certificates vary in length, depending on where you purchase the certificate, the packages they offer, and options you selected. Just as you can select from different time frames when you purchase hosting, SSL authorities often offer a longer-term certificate at a lower rate. Of course, if your host offers shared SSL for free, your certificate will last as long as you remain with that host.
What sort of data can be secured using SSL?
SSL can be used to secure any type of data, from text documents to images to financial information. Its technology is not type-specific but instead encrypts any data using a combination of public and private key cryptography to send and receive information over the internet.
What does a browser check for when it connects to an SSL site?
When a browser identifies an SSL site, it sends a request for the SSL Certificate and verifies that it has not expired, was issued by a trusted certificate authority, and is being used by the website it was issued for. If any of these checks fail, the browser will display a warning to let users know the site is not secured by SSL.
Why does it matter whose name is on the certificate?
Public and private SSL both use the same encryption system; however, if you're visiting a website and its certificate is registered to a different website, your browser cannot verify the certificate is being used by the site it was issued for. Trust is broken, and the browser will warn you as such. Even if you can verify that the site is using a shared SSL plan, it at least raises red flags.
What is the difference between SSL and TLS?
TLS was based on SSL and follows the same principles for data security; however, TLS added a number of security measures not previously provided by SSL.
This is not to say you should go on a hunt for a host that provides TLS certification. For one thing, you might have a hard time finding one.
TLS and SSL are now all but synonymous. If you purchase SSL or receive open SSL free through your hosting plan, you are actually receiving an SSL/TLS certificate.
Do all browsers accept shared SSL?
SSL covers over 99% of internet users and is supported by all major browsers. Provided you're not using an obscure, homegrown browser or trying to update your website with your Amiga 2500, you should have no problem accessing shared SSL connections.
Can I use shared SSL on any platform?
SSL is the standard system for securing internet connections; as such, it is available on all hosting server platforms, including Windows, MacOS, GNU/Linux, BSD, Android, iOS, and pretty much every other operating system you can think of. However, shared SSL must be offered by your host, so check with them if you're considering using it.
If I have multiple domains through a host, can I use shared SSL for all of them?
That will depend on the hosting plan you have selected, but it shouldn’t be a problem since a shared SSL certificate can be shared by anyone using that server.
Can I use shared SSL for any site that doesn't include ecommerce?
Unless your host has placed a restriction on how you use shared SSL, you should be able to use it for any site. However, just because you can use it doesn't mean you should. If your site requires collecting any data from your users, particularly if that data includes personal or financial information, you owe it to your users to provide the best security possible. A private SSL certificate will promote far greater trust and loyalty from your website visitors.