Well I don't really know how it's set up on the backend here. I know when I managed a vps it had OpenSSL installed for the control panel and could use it for web sites without a certificate. Sure, it wasn't security like a certificate would provide but if OpenSSL was installed and used by the control panel by default it must have at least provided a basic layer of security.
I honestly didn't mean for this to devolve into a long winded discussion and debate. I admit I don't really know much about web design and web security except some basic stuff server side, I never had to deal with certificates or coding and patching holes if it wasn't as simple as running an update or replacing a php file. I purchased the vps, updated packages, installed or compiled any needed packages and did guided hardening of the server and this was made easier due to Cpanel.
I honestly didn't mean for this to devolve into a long winded discussion and debate. I admit I don't really know much about web design and web security except some basic stuff server side, I never had to deal with certificates or coding and patching holes if it wasn't as simple as running an update or replacing a php file. I purchased the vps, updated packages, installed or compiled any needed packages and did guided hardening of the server and this was made easier due to Cpanel.