Definition

SSL/TLS is the encryption protocol that secures exchanges between a browser and a web server. When active, the URL starts with HTTPS and a padlock shows in the address bar. SSL is now deprecated and replaced by TLS, but the term “SSL” sticks around in everyday use.

Why it is now essential

• Official Google ranking factor since 2014
• Required for HTTP/2 and HTTP/3 (performance)
• Chrome and other browsers display a “Not secure” warning without HTTPS
• Required for many modern APIs and features (PWA, geolocation, microphone)
• User trust and GDPR compliance for forms

Best practices

• Use a valid certificate (Let’s Encrypt for free, or EV for sensitive sites)
• Auto-renew before expiration
• Force HTTP-to-HTTPS redirection at server level
• Enable HSTS to prevent downgrades
• Regularly test the configuration (SSL Labs, qualys.com)
• Update canonical tags and XML sitemap in HTTPS