A long, long time ago, in 2015, securing a website was an expensive, tedious process. Then along came Let’s Encrypt, a non-profit certificate authority that provides SSL certificates completely for free. Real (not-self-signed) certificates that get a green padlock in your address bar. And they make the process super easy and automated. If you’re on shared hosting it might be a little harder, but your host should be able to implement it fairly easily. Dreamhost made it basically one click for me. You should read that post it’s pretty good. One thing to note is that Chrome and Firefox both have plans to start marking http connections as insecure, rather than default neutral status (the current status quo).