Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trialMario Rodriguez
15,345 PointsWhat is the risk of setting woo commerce on a small site without SSL certificate?
What is the risk of setting woo commerce on a small site without SSL certificate?
3 Answers
Zac Gordon
Treehouse Guest TeacherIf you don't use SSL you will only be able to use payment gateways that take people off of your site to make the payment. Payment gateway don't let you process payments on your site without SSL, it just won't work.
Mario Rodriguez
15,345 PointsThanks for teaching me Tim. I truly appreciate it.
Ashley Martin
2,429 PointsI have heard that google's algorithm favors sites with SSL certificates over ones that don't. Another benefit to having SSL.
Tim Knight
28,888 PointsTim Knight
28,888 PointsHi Mario,
I would say there are two big risks to consider when not having an SSL certificate. Consider the following two scenarios:
Using PayPal for External Payment
In the case of using WooCommerce with PayPal you don't necessarily need an SSL, but I would say that many consumers look for the safety of SSL even during their shopping experience. So the risk in this case would be that users wouldn't feel their payment information was safe because they wouldn't get far enough in the process to see the transition to PayPal's SSL.
Using an External Payment Process
WooCommerce let's you use several different types of external payment processors. I believe WooCommerce actually forces the system to have SSL installed before you can enable one of these add-ons. If it didn't, you'd be risking sending credit card information in plain text and risking the payment security of your customers. Additionally, if you were able to enable WooCommerce for these processors without SSL you'd risk your ability to process your payments with Visa or Mastercard. From what I understand part of PCI requirements include transaction security just as much as storage (which is typically handled by the processor). In the case that you were not sending the information securely your merchant could disable your account for failure to comply with basic PCI requirements.
Again both of these are speaking generally. I believe that WooCommerce however will not allow you to enable external payment systems without SSL enabled.