Unless your new to the industry or you've had your head in the sand you've probably heard about how important SSL certificates are. Not just because of nasty hackers, but nasty governments as well (I'll refrain from ranting).
You probably know this and you have probably drawn the line when it comes to actually implementing an SSL certificate. Why? If your like me it's because your frugal and your blog doesn't make money (SSL certificates generally cost money).
Well you've no longer got an excuse. Since December 2015, LetsEncrypt has been in public beta, which means anyone can get free genuine SSL certificates. Not only that, but the installation is largely automated thanks to a series of very clever scripts. I'm not going into any detail about how you can achieve this, there are a lot of detailed posts already available Apache, nginx, IIS.
The only negative is that the certificates expire after 90 days; that said, its easy enough to setup a process for automatic renewal. In my experience you should be able to setup a certificate (the 1st time) in under an hour and significantly quicker each time thereafter.
Both of my own sites use LetsEncrypt (including this blog) and can't recommend it enough…