If you plan on taking payments or gathering any personal information beyond simple email address, or simply want to have a more secure access when administering your website, you'll need to enable your site to work over SSL. This is the same security that banks use to make communications with their websites secure.
You'll need a few of things:
- A static IP address -- This is an address that never changes. Depending on your web hosting provider, there may be a fee (monthly or yearly) associated with this. Sometimes they will wave the fee if you purchase your SSL Certificate from them.
- SSL Certificate -- Prices can be crazy for this powerful 256-bit encryption file but you'll need it if you plan on taking payments or gathering any personal information beyond simple email address. The best price I've seen is from GoDaddy. They have a special offer for a Standard SSL Certificate at $12.99 the first year. Their regular price is $39.99/year. By comparison, HostGator sells them for $50/year.
- The WordPress HTTPS (SSL) plugin -- This free plugin will enable your WordPress site to work with http:// and/or https://. Simply install and configure the settings.
Always check with your website hosting provider before purchasing a SSL Certificate. Depending on your skill level, there can be many advantages to purchasing the certificate from them including the discounted price, installation for you and lower or no cost fixed IP address.