It was once accepted that only websites handling financial data (such as customer credit card details) would need to implement security and get the padlock in the visitor's address bar - but not any longer. The padlock indicates that the website owner's credentials have been verified by a trusted third party, and it also means that nobody can eavesdrop on the data flowing between website and visitor.
So, how do we make our website secure? Here are the steps I took:
At Google, Secure your site with HTTPS.
At moz.com, The Big List of SEO Tips and Tricks for Using HTTPS on Your Website
At Yoast.com, Moving your website to https / SSL: tips & tricks
At 123-reg, Generate a CSR: Apache (Open SSL)
At AlphaSSL.com, Install Root Certificate in Apache
At CentOS, Setting up an SSL secured Webserver with CentOS