Docs / Domain & Launch / SSL and HTTPS

SSL and HTTPS

An SSL certificate encrypts the connection between your site and its visitors. Every Madra site includes HTTPS for free.

When you visit a secure website, you see a padlock icon in the address bar and the URL starts with https:// instead of http://. That "s" means the connection is encrypted using an SSL certificate. This is an essential security standard for any professional website.

What is SSL?

SSL (Secure Sockets Layer) is a security protocol that creates an encrypted connection between the visitor's browser and the server hosting your site. Data exchanged between the two (text, form submissions, contact information) cannot be intercepted by third parties.

In practice, SSL protects:

  • Form data — information entered in your contact form is encrypted during transfer
  • Browsing activity — no one can see which pages your visitors are viewing on your site
  • Content integrity — third parties cannot inject malicious content (ads, malware) into your pages
  • Your site's identity — the certificate confirms visitors are on your real site, not a fraudulent copy

Why does HTTPS matter?

HTTPS is no longer optional. It is a requirement for security, search rankings, and visitor trust.

  • Visitor security — data transmitted through your site is protected from interception
  • Customer trust — modern browsers display a "Not Secure" warning on HTTP sites, which drives visitors away
  • Google ranking — Google uses HTTPS as a ranking factor. An HTTPS site ranks higher than an HTTP site
  • Legal compliance — regulations like GDPR require personal data to be protected during transfer. HTTPS satisfies this requirement
  • Performance — the HTTP/2 protocol, which improves page load speed, requires HTTPS

Is SSL included for free with Madra?

Yes. Every Madra site receives a free SSL certificate that is activated automatically. You do not need to install, configure, or pay for anything.

What Madra handles for you:

  • Certificate issuance — the SSL certificate is generated through Let's Encrypt, a globally recognized certificate authority
  • Automatic renewal — Let's Encrypt certificates expire every 90 days. Madra renews them automatically before expiration
  • HTTP to HTTPS redirect — all HTTP visits are automatically redirected to HTTPS
  • Custom domain activation — once your domain is connected and DNS has propagated, the SSL certificate is activated within minutes

This service is included in every Madra plan, both Starter (€29.90/month) and Pro (€39.90/month).

How do you verify that SSL is active?

You can check in seconds that your SSL certificate is working correctly:

  1. Look at the address bar — a padlock icon should appear to the left of the URL in your browser
  2. Check the URL — the address should start with https:// and not http://
  3. Click the padlock — a panel opens showing certificate details (issuer: Let's Encrypt, validity dates, covered domain)

If you type the address using HTTP (without the "s"), you will be automatically redirected to the HTTPS version. This is the expected behavior.

Never disable HTTPS

There is no valid reason to disable HTTPS on your website. A site served over HTTP exposes your visitors' data, drives away customers, and hurts your Google ranking. At Madra, HTTPS is always active and cannot be disabled.

Was this helpful?
Previous Connect a domain Next Launch your site
On this page