Home / hosting / with

Introduction to Web Hosting with SSL

Introduction to Web Hosting with SSL

Introduction to Web Hosting with SSL

Introduction to Web Hosting with SSL

Alright, let’s talk turkey about something that’s become as fundamental to running a website as having a domain name itself: web hosting with SSL. I remember a time, not so long ago, when SSL was this niche, almost exotic thing, reserved primarily for massive e-commerce sites or banks. It felt like a luxury, a "nice-to-have" add-on that you’d only consider if you were handling super sensitive financial data. Fast forward to today, and if your website isn't rocking an SSL certificate, you're not just behind the curve; you're practically invisible, screaming "untrustworthy" to every browser and search engine out there. It’s a wild shift, a testament to how quickly the digital landscape evolves, and honestly, it’s a change for the better. This isn't just about technical jargon; it's about trust, security, and the very foundation of how we interact online.

What is Web Hosting with SSL?

At its core, web hosting with SSL is simply the combination of two indispensable elements that form the backbone of a secure and reliable online presence. First, you have web hosting: this is essentially the digital landlord for your website. It’s the service that provides the server space and resources needed for your website’s files, databases, and code to live, making them accessible to anyone on the internet. Think of it as renting a plot of digital land where you can build your online home. Without hosting, your website is just a collection of files on your computer, going nowhere. It’s the engine that powers your site, ensuring it’s always online and ready to serve up content to visitors around the globe.

Then, we introduce SSL, which stands for Secure Sockets Layer. Now, before you glaze over, let me simplify it: SSL is a cryptographic protocol that provides security for communication over a computer network. When integrated with your web hosting service, it creates an encrypted, secure connection between a user's web browser and the server hosting your website. Imagine sending a postcard through the mail versus sending a sealed, tamper-proof letter in an armored truck. The postcard is HTTP, open for anyone to read. The sealed letter in the armored truck? That's HTTPS, powered by SSL. It ensures that any data exchanged between the user and your site—passwords, credit card numbers, personal information, even just browsing habits—is scrambled into an unreadable format, protecting it from prying eyes and malicious actors.

The beauty of "web hosting with SSL" is that modern hosting providers have largely made this integration seamless. It’s not about manually configuring complex cryptographic algorithms anymore, at least not for most users. Instead, many hosting plans now come with SSL pre-installed or offer one-click installation options, often leveraging free certificates from initiatives like Let’s Encrypt. This convergence means that when you sign up for a hosting plan, you're not just getting server space; you're getting a secure conduit for your data, a digital fortress designed to protect both your website and its visitors. It’s the difference between building a house with a flimsy lock and building one with a state-of-the-art security system already wired in.

This integrated approach is crucial because the internet is a wild place. Every day, countless attempts are made to intercept data, compromise websites, and exploit vulnerabilities. By combining robust web hosting with the impenetrable shield of SSL, you’re not just offering a website; you’re offering a secure experience. You’re telling your visitors, "Hey, I care about your privacy and safety." And in an age where data breaches are front-page news, that message resonates deeply. It's not an optional upgrade anymore; it's a foundational piece of the digital puzzle, ensuring that when someone interacts with your site, their information travels through a protected, encrypted tunnel, safe from eavesdroppers and digital bandits.

The Imperative for SSL in Today's Digital Landscape

Let's be blunt: if you're running a website without SSL in today's digital landscape, you're making a massive mistake. It’s no longer a matter of "should I get SSL?" but "why don't I already have SSL?" The shift from SSL being a niche security feature to a universal requirement has been driven by several powerful forces, not least of which is the relentless push from major tech players like Google and the ever-growing public awareness of online privacy and security. The internet has matured, and with that maturity comes a higher standard of care for user data. Ignoring this is akin to building a house without a roof and wondering why everything inside keeps getting wet. It’s just not acceptable anymore.

One of the most significant drivers behind this imperative is Google's explicit stance on website security. Back in 2014, Google announced that HTTPS (the secure version of HTTP, enabled by SSL/TLS) would be a lightweight ranking signal. At the time, it felt like a gentle nudge, but over the years, that nudge has become a full-blown shove. While it might still be a "lightweight" signal compared to content quality or backlinks, it's a baseline requirement. More importantly, Google's Chrome browser, which dominates the market, now actively flags non-HTTPS sites as "Not Secure" in the address bar. That little warning label is a trust killer, a neon sign screaming "Danger!" to your potential visitors. It immediately undermines credibility, regardless of how fantastic your content or products might be.

Beyond search engines, user expectation has fundamentally shifted. People are savvier now; they understand the implications of sharing information online. When they see that padlock icon in their browser’s address bar, they instinctively feel safer. Conversely, the absence of it, especially coupled with a "Not Secure" warning, triggers alarm bells. It suggests negligence, or worse, that your site might be compromised or designed to harvest data maliciously. This isn't just about e-commerce sites handling credit card numbers; it applies to blogs, portfolios, informational sites – any site where a user might input their email address for a newsletter, fill out a contact form, or even just browse. Trust is the currency of the internet, and SSL is its most visible indicator.

Finally, the regulatory landscape has evolved dramatically, making SSL a non-negotiable for compliance. Think about GDPR (General Data Protection Regulation) in Europe, CCPA (California Consumer Privacy Act) in the US, or PCI DSS (Payment Card Industry Data Security Standard) for anyone processing credit card payments. These regulations mandate robust data protection measures, and SSL/TLS encryption is a foundational component of meeting those requirements. Failing to implement SSL can result in hefty fines, legal repercussions, and a catastrophic loss of reputation. It's not just good practice; it's often a legal necessity, protecting not only your users but also your business from significant liabilities. The era of optional security is long gone; we now live in a world where robust encryption is a fundamental expectation.

Pro-Tip: The "Not Secure" Scare
Don't underestimate the psychological impact of that "Not Secure" warning in Chrome. For many users, it's an immediate red flag that sends them scurrying away. It doesn't matter if your site is just a simple blog with no forms; the warning still appears. This alone is reason enough to get SSL, even if you think your site has nothing "sensitive" on it. It's about perception and building trust, which are priceless in the digital realm.

Demystifying SSL/TLS Certificates

The terms SSL and TLS are often used interchangeably, and while there's a technical distinction (TLS is the more modern, secure successor to SSL), for most practical purposes, when we talk about SSL, we're generally referring to the entire family of protocols that secure web communication. It's a bit like calling all tissues "Kleenex" – SSL is the widely recognized brand name for digital certificates that encrypt data. But understanding how these certificates actually work, beyond just knowing they make your site "secure," is incredibly empowering. It helps you appreciate the intricate dance of cryptography that protects billions of online interactions every day.

How SSL/TLS Works: Encryption and Authentication

At its heart, SSL/TLS works by establishing a secure, encrypted connection between a client (your web browser) and a server (the website you're visiting). This isn't some magical, instant transformation; it's a carefully orchestrated process known as the "SSL/TLS handshake." Imagine two strangers trying to communicate secretly in a crowded room. They need a way to verify each other's identity and then agree on a secret language that no one else understands. That's essentially what the handshake achieves.

The process kicks off when your browser tries to connect to an HTTPS-enabled website. The browser sends a "Client Hello" message, basically saying, "Hey, I want to talk securely!" The server responds with a "Server Hello," which includes its SSL/TLS certificate. This certificate is critical; it's a small data file that digitally binds a cryptographic key to an organization's details. It contains the server's public key, the domain name it's issued for, and information about the Certificate Authority (CA) that issued it. Your browser then performs a series of checks: Is the certificate valid? Has it expired? Is it issued by a trusted CA? If anything looks fishy, you get those scary browser warnings.

Once the certificate is validated, the real cryptographic heavy lifting begins. The browser uses the server's public key (found in the certificate) to encrypt a "pre-master secret" – a randomly generated key. Only the server, with its corresponding private key, can decrypt this pre-master secret. This public/private key pair is the genius behind asymmetric encryption: what one key encrypts, only the other can decrypt. It’s like having a special lock (public key) that anyone can use to lock a message, but only you have the unique key (private key) to unlock it. This ensures that even if an eavesdropper intercepts the pre-master secret, they can’t decrypt it without the server’s private key.

After the server successfully decrypts the pre-master secret, both the browser and the server independently derive a unique, shared "session key" from this secret. This session key is then used for symmetric encryption – a much faster form of encryption where the same key is used for both encrypting and decrypting all subsequent data exchanged during that session. This dual-layered approach (asymmetric for key exchange, symmetric for data transfer) provides both security and efficiency. The entire handshake takes mere milliseconds, and once complete, all communication between your browser and the server is encrypted, authenticated, and protected from tampering, ensuring data integrity and confidentiality.

Insider Note: The CA's Vouch
The Certificate Authority (CA) is like a digital notary public. Their role is to verify the identity of the website owner before issuing an SSL certificate. When your browser trusts a CA (most major CAs are pre-installed in browsers), it trusts that any certificate issued by that CA is legitimate. This chain of trust is fundamental to how SSL/TLS works across the internet. Without CAs, there'd be no way to verify if a website is truly who it claims to be.

Key Types of SSL Certificates Explained

Navigating the world of SSL certificates can feel like walking through a cryptographic alphabet soup, but it's not as complex as it seems. The different types primarily boil down to the level of validation the Certificate Authority (CA) performs before issuing the certificate, and what kind of domains they can secure. Understanding these distinctions is crucial, as it impacts not just the security, but also the perceived trustworthiness and cost.

Let's start with the most common and easiest to obtain: Domain Validated (DV) certificates. These are often what you get with free SSL options like Let's Encrypt, and they're perfect for most personal blogs, small businesses, or informational websites. With a DV certificate, the CA simply verifies that the applicant has control over the domain name. This is usually done via an email verification, a DNS record change, or by placing a specific file on the web server. It's quick, typically automated, and provides the same strong encryption as any other certificate type. The browser will show the padlock icon, indicating a secure connection, but it won't display any specific organizational details in the browser bar. It's the baseline, and frankly, for many, it's all you truly need for encryption.

Next up, we have Organization Validated (OV) certificates. These require a more rigorous vetting process. Beyond verifying domain control, the CA also authenticates the legitimacy of the organization applying for the certificate. This involves checking business registration documents, physical addresses, and sometimes even phone verification. It’s a bit like applying for a business loan – they want to make sure you’re a real, legitimate entity. While an OV certificate still displays the padlock icon, clicking on it in some browsers will reveal the organization's verified details. This adds an extra layer of trust, making it suitable for businesses that want to signal a higher level of credibility, such as medium-sized e-commerce sites or corporate intranets, where users might feel more comfortable knowing a verified organization is behind the site.

The pinnacle of trust in the SSL world is the Extended Validation (EV) certificate. This is the most stringent and expensive type to obtain, involving the most comprehensive background checks on the organization. CAs follow a strict set of guidelines to confirm the legal, physical, and operational existence of the entity. The payoff for this rigorous validation is a unique visual indicator: the browser's address bar typically displays the organization's verified name right alongside the padlock, often in green. Think of major banks or large corporations – they typically use EV certificates. This prominent display offers the highest level of assurance to visitors, making it ideal for large enterprises, financial institutions, or any website where maximum user trust and brand credibility are absolutely paramount, especially when handling highly sensitive transactions.

Beyond these validation levels, there are also certificates that address specific domain configurations:

  • Wildcard SSL Certificates: These are a fantastic solution if you need to secure a primary domain and an unlimited number of its subdomains. For example, a single wildcard certificate for `*.yourdomain.com` would secure `blog.yourdomain.com`, `shop.yourdomain.com`, `dev.yourdomain.com`, and so on. This is incredibly convenient and cost-effective for organizations with multiple subdomains, saving you the hassle and expense of managing individual certificates for each one.
  • Multi-Domain (SAN) SSL Certificates: SAN stands for Subject Alternative Name. These certificates allow you to secure multiple distinct domain names and hostnames with a single certificate. So, you could secure `yourdomain.com`, `yourdomain.net`, `anotherdomain.org`, and even `mail.yourdomain.com` all under one roof. This is ideal for businesses managing several different websites or applications, simplifying certificate management significantly.
  • Multi-Domain Wildcard SSL Certificates: The ultimate combo, securing multiple distinct domains and an unlimited number of subdomains for each of those domains. These are for the big players with complex web infrastructures.
Choosing the right certificate really depends on your specific needs, budget, and the level of trust you want to convey. For most, a DV certificate is perfectly adequate, but for those who demand the highest level of verified identity, OV and EV stand ready to serve.

Beyond Security: The Multifaceted Benefits of SSL

While security is undoubtedly the primary function and most obvious benefit of SSL, pigeonholing it solely into that category would be a disservice to its broader impact. Implementing SSL/TLS on your website unlocks a cascade of advantages that touch upon everything from how your site performs in search results to how your users perceive your brand, and even your legal obligations. It’s a foundational piece of modern web infrastructure that pays dividends far beyond simply encrypting data.

First and foremost, let's talk about SEO ranking signals. I mentioned earlier that Google officially declared HTTPS a ranking signal. While it might be a "lightweight" signal on its own, it contributes to the overall health and quality score of your website. In a highly competitive search landscape, every little bit helps. Google's explicit preference for secure sites means that if all other factors are equal between two competing websites, the one with HTTPS will likely get the nod. More importantly, SSL is a gateway to other performance and security features that do significantly impact SEO, such as HTTP/2 (which requires HTTPS) and browser caching improvements. Without SSL, you’re simply not playing on a level field, and you’re leaving potential organic traffic on the table, which, for any business, is a missed opportunity that translates directly into lost revenue.

Beyond the algorithms, SSL is a powerful tool for building user trust and credibility. This isn't just about avoiding the "Not Secure" warning; it's about proactively signaling professionalism and care. When a visitor sees that reassuring padlock icon, they subconsciously register your site as legitimate and safe. This psychological factor is huge. Users are increasingly wary of phishing scams, data breaches, and identity theft. A secure connection reassures them that their data, whether it's a simple email address for a newsletter subscription or sensitive payment details, is being handled responsibly. This translates directly into higher conversion rates, lower bounce rates, and improved user engagement. People are more likely to complete purchases, fill out forms, and spend more time on a site they trust. It's an investment in your brand's reputation that yields tangible results.

Data integrity is another critical, often overlooked benefit. SSL not only encrypts data but also ensures that the data exchanged between the browser and server has not been tampered with in transit. Imagine ordering something online, and somewhere between your computer and the e-commerce server, a malicious actor intercepts the order and changes the quantity or the shipping address. Without SSL, this kind of "man-in-the-middle" attack is a real possibility. SSL’s cryptographic mechanisms include message authentication codes (MACs) that verify the data's integrity, ensuring that what was sent is exactly what was received, without any alterations. This is vital for e-commerce, banking, or any transaction where the accuracy of information is paramount, preventing fraud and protecting both the user and the business from costly errors.

Finally, SSL has become non-negotiable for meeting compliance standards. In today's highly regulated digital environment, numerous laws and industry standards mandate the use of encryption for protecting personal and sensitive data. For example, the General Data Protection Regulation (GDPR) in the European Union requires organizations to implement "appropriate technical and organizational measures" to ensure a level of security appropriate to the risk of processing personal data. SSL/TLS is a fundamental component of meeting that requirement for data in transit. Similarly, the Payment Card Industry Data Security Standard (PCI DSS), which applies to any entity that stores, processes, or transmits credit card data, explicitly mandates the use of strong cryptography (i.e., SSL/TLS) to protect cardholder data during transmission over open, public networks. Failure to comply with these standards can result in severe penalties, including hefty fines and reputational damage. So, SSL isn't just good for business; it's often a legal necessity, protecting your organization from significant liabilities.

Pro-Tip: HTTP/2 Requires HTTPS
Here's a little secret: many of the performance benefits you hear about with modern web protocols, like HTTP/2, are only accessible if your site is running over HTTPS. HTTP/2, which greatly speeds up website loading by allowing multiple requests and responses over a single connection, requires an encrypted connection in almost all major browsers. So, getting SSL isn't just about security; it's about unlocking faster load times and a better user experience, which in turn boosts SEO and user satisfaction.

Integrating SSL Across Hosting Environments

The beauty of modern web hosting is that while the underlying principles of SSL remain the same, the actual implementation process can vary significantly depending on your hosting environment. This isn't a "one size fits all" situation, and understanding these differences can save you a lot of headaches, especially when it comes to troubleshooting or migrating your site. From the simplest shared hosting setup to the most complex cloud infrastructure, each environment has its quirks and best practices for SSL integration.

SSL Implementation on Shared Hosting

Shared hosting is where many of us start our online journeys. It's affordable, generally user-friendly, and offers a lot of convenience, often at the expense of complete control. When it comes to SSL implementation on shared hosting, the experience has, thankfully, become incredibly streamlined over the past few years. Gone are the days when you might have needed a dedicated IP address just to install an SSL certificate, which was an extra cost and complication. Modern shared hosting has largely embraced Server Name Indication (SNI), allowing multiple SSL certificates to be hosted on a single IP address, making SSL accessible to everyone.

The typical setup process on shared hosting is usually a breeze, often involving one-click installers or even automatic provisioning. Many reputable hosting providers now include free SSL certificates, most commonly from Let's Encrypt, as a standard feature with every hosting plan. You might find an option in your cPanel or custom hosting control panel that says "SSL/TLS," "Let's Encrypt," or "Security." A few clicks, and within minutes, your certificate is issued and installed. The hosting provider handles all the complex stuff: generating the Certificate Signing Request (CSR), getting it signed by the CA, and installing the certificate files (the actual certificate, the intermediate certificates, and the private key) onto the server. It’s designed to be as hands-off as possible, allowing you to focus on your website's content rather than cryptographic minutiae.

However, even with this ease, there can be potential limitations or considerations. While free Let's Encrypt certificates are fantastic for encryption, they are Domain Validated (DV) only and have a shorter validity period (90 days), requiring frequent renewals. Most hosting providers automate these renewals, but it's always wise to double-check that this automation is indeed active and functioning correctly. If you're running a larger e-commerce site or a business that requires the higher trust signals of an Organization Validated (OV) or Extended Validation (EV) certificate, you’ll typically need to purchase one from a commercial CA. In such cases, your hosting provider might still offer a guided installation process, but you'll be responsible for acquiring the certificate yourself and potentially providing the necessary files for installation.

Another point to consider, though less common now, is the possibility of needing a dedicated IP address for certain legacy systems or very specific configurations, though SNI has largely eliminated this for most modern setups. It's always a good idea to confirm with your hosting provider if you have any unusual requirements. Shared hosting is fantastic for getting secure quickly, but it means you're relying heavily on your provider's infrastructure and tools. While this is a huge benefit for simplicity, it also means your control is limited. You generally won't be diving into server configuration files yourself; you're working within the confines of the control panel your host provides. It’s a trade-off: ease of use for less granular control, a trade-off many are happy to make for the sheer convenience of getting HTTPS up and running with minimal fuss.

Managing SSL on VPS and Dedicated Servers

Stepping up to a Virtual Private Server (VPS) or a Dedicated Server is like moving from an apartment to owning your own house. You gain significantly more control, greater resources, and often, the responsibility for managing your own server environment. This extends directly to SSL implementation, which, while still achievable, typically requires a more hands-on approach compared to shared hosting. This greater control is a double-edged sword: immense power, but also the potential for immense frustration if you don't know what you're doing.

On a VPS or dedicated server, you're often dealing directly with the operating system (usually Linux) and your web server software, such as Apache, Nginx, or LiteSpeed. The process isn't usually a one-click affair from a simplified control panel, though some managed VPS providers do offer more streamlined interfaces like cPanel or Plesk that can automate parts of the process. For those managing their servers manually, you'll be diving into the command line, which can be daunting for the uninitiated but incredibly rewarding for those who like to understand every cog in the machine.

The typical workflow for installing an SSL certificate on a VPS or dedicated server involves several key steps. First, you'll need to generate a Certificate Signing Request (CSR). This is a block of encoded text that contains information about your domain, organization, and your public key. You generate this on your server using tools like OpenSSL. This CSR is then submitted to a Certificate Authority (CA) when you purchase or request your SSL certificate. The CA uses this CSR to create your unique certificate. Once the CA issues your certificate, they'll send you a bundle of files, usually including your primary certificate, any intermediate certificates (which complete the chain of trust), and sometimes the CA's root certificate.

The next critical step is installing these certificates on your web server. This involves configuring your web server software (e.g., editing `httpd.conf` for Apache or `nginx.conf` for Nginx) to point to the correct certificate files and your private key (which you generated when creating the CSR and should have kept secure on your server). You'll specify the `SSLCertificateFile`, `SSLCertificateKeyFile`, and `SSLCertificateChainFile` (or similar directives, depending on your server software). After configuring, you'll need to restart your web server for the changes to take effect. It’s a meticulous process, where a misplaced character or incorrect file path can lead to your site being inaccessible or displaying certificate errors. This is where attention to detail really pays off, and having solid documentation or a good tutorial is your best friend.

Pro-Tip: Keep Your Private Key PRIVATE!
When you generate a CSR, you also create a private key. This key is critical and must be kept absolutely secret and secure on your server. Never share it, never email it, and ensure its file permissions are restricted. If your private key is compromised, your SSL certificate is useless, and your secure connection can be decrypted by malicious actors. Think of it as the master key to your digital safe; if that gets out, everything inside is vulnerable.

Cloud Hosting and Scalable SSL Solutions

Cloud hosting represents another paradigm shift, moving away from single, monolithic servers to highly distributed, scalable infrastructures. This environment brings its own set of advantages and considerations for SSL, particularly regarding flexibility, performance, and management at scale. Cloud platforms are designed for elasticity, meaning your resources can expand or contract based on demand, and your SSL strategy needs to be just as adaptable.

One of the standout features of cloud hosting is its inherent scalability. When you're dealing with potentially massive traffic spikes, traditional SSL setups on a single server can become a bottleneck due to the computational overhead of encryption and decryption. Cloud solutions often mitigate this by offloading SSL termination to dedicated load balancers or Content Delivery Networks (CDNs) that are designed to handle high volumes of encrypted traffic efficiently. Services like AWS Certificate Manager (ACM), Google Cloud SSL policies, or Cloudflare's universal SSL are perfect examples. These platforms can manage your certificates, automatically renew them, and distribute the SSL processing load across multiple servers, ensuring your site remains fast and responsive even under heavy load.

The integration of SSL with CDNs is particularly powerful in a cloud environment. A CDN stores cached versions of your website's content on servers located geographically closer to your users. When a user requests your site, the CDN serves the content from the nearest edge server, significantly reducing latency. With SSL integrated into the CDN, the encryption and decryption also happen at these edge locations. This means the SSL handshake, which can add a slight delay, occurs closer to the user, and the encrypted data travels a shorter distance. This "SSL termination at the edge" not only improves performance but also reduces the load on your origin server, as it no longer has to handle every single SSL handshake. It's a win-win for speed and security.

Furthermore, cloud hosting often provides advanced features for security and compliance that integrate seamlessly with SSL. You might find Web Application Firewalls (WAFs) that inspect encrypted traffic (after SSL termination at the edge) for malicious patterns, or robust identity and access management (IAM) systems that secure access to your certificate management tools. For businesses with complex, multi-region deployments, cloud platforms simplify global SSL certificate management, allowing you to deploy and manage certificates across numerous servers and regions from a centralized control panel. This ease of management, combined with the performance benefits and inherent scalability, makes cloud hosting an incredibly attractive option for modern, secure, and high-traffic websites that demand robust SSL solutions. It's about building a secure foundation that can grow as rapidly as your business demands, without having to re-architect your security every time.

Choosing the Right SSL-Enabled Hosting Provider

Selecting a web hosting provider is a pivotal decision for any website owner, and in today's environment, the integration and management of SSL should be at the forefront of that choice. It’s not just about finding a cheap host; it’s about finding a reliable partner who understands the critical role of security and makes it easy for you to maintain a secure online presence. Cutting corners here can lead to headaches, downtime, and a loss of trust from your audience. Think of it as choosing a general contractor for your house – you want someone who knows their stuff, uses quality materials, and ensures everything is up to code, especially the security systems.

Factors to Consider When Selecting a Host

When you’re sifting through the myriad of web hosting providers, it’s easy to get lost in the jargon and the enticing introductory offers. However, for an SSL-enabled host, there are several non-negotiable factors that should guide your decision. These go beyond the basic promises and delve into the practicalities of maintaining a secure and efficient website. Ignoring any of these could lead to long-term frustration and potentially compromise your site's security and performance.

First off, and perhaps most obviously, you need to scrutinize their SSL offerings. Does the host include free SSL certificates (like Let's Encrypt) as standard? If so, is the installation process automated and seamless, perhaps with a one-click option in the control panel? More importantly, do they handle automatic renewals for these free certificates? An expired SSL certificate is just as bad, if not worse, than no SSL at all, as it results in terrifying browser warnings. If you require a higher-tier certificate (OV or EV), does the host support easy installation of third-party certificates, or do they offer them for purchase? Clarity on these points from the outset will save you a lot of grief. Don't