SSL and TLS are technologies used to encrypt communication to and from your website. They prevent third parties from spying on your visitors, or from modifying their communications with you.
Without encryption, anything sent to your website – e.g. login details, or credit card information – can be intercepted or modified by a hacker with relative ease, and there would be no way for either you or your visitor to know.
Because of this, the use of SSL or TLS is considered virtually essential for any modern website. Google lowers the ranking of websites which don’t use these technologies, and most browsers will show warnings or errors if a website asks for information without them in place. GDPR compliance is essentially impossible without encryption.
Both SSL (Secure Sockets Layer) and TLS (Transport Layer Security) do the same thing, but SSL is an older technology that was superseded by TLS in 1999. The old name stuck, however, and nearly everyone just uses the name “SSL”, even when talking about TLS.
SSL used to slow down websites and be difficult and expensive to set up, but recent advances have made it fast, free and straightforward to apply. Occasional security vulnerabilities have been discovered in both SSL and TLS, and newer versions have been released to fix these issues. The result is that if a website uses an older version of either standard, it may still be insecure. When this happens most people will be unable to access the website as modern browsers block these websites completely.