HTTP vs HTTPS
When you are going to buy new shoes online or sign up for a magazine subscription to Burgers Weekly, checking the authenticity of a website is crucial. Giving your information to an insecure website is risky business, as there are people out there with malicious intent who want nothing more than to steal your information and use it for evil. Now, you might be asking yourself, "How the heck do I know if a website is secure or not?" Don't worry, we got your back on this. Let us walk you through the difference between HTTP (insecure) and HTTPS (secure).
What is HTTP?
Hypertext Transfer Protocol (HTTP) is a protocol for transferring and receiving information over the web so visitors such as yourself can read the news or view funny cat videos online.
When you visit a website, your web browser communicates with the web server in order to display the website. The way it does that is through network packets. Unfortunately, the data in those packets transferring over HTTP are insecure and prone to eavesdropping as people can potentially steal any sensitive information you place online. That is where HTTPS comes to the rescue.
HTTPS and SSL assemble!
Hypertext Transfer Protocol Secure (HTTPS) is a protocol similar to HTTP, but takes it up another notch by working alongside SSL to keep your data safe. Secure Sockets Layer (SSL) is another protocol for securing connections over the Internet. In order to utilize SSL, you need to purchase a SSL certificate from a certificate authority (CA).
SSL Shopper defines a certificate authority as "an entity which issues digital certificates to organizations or people after validating them". Essentially, you provide the required information about your company and your website to a registered CA such as Symantec or GoDaddy. Once the CA verifies your business and website, you will receive a signed digital certificate to install on your server. From that point on, whenever a web browser communicates with a website, a secret language occurs between them that only they understand. Think of it like communicating to your friends via your own complex Morse code. Having a SSL certificate will also enable the padlock symbol within the address bar and give users peace of mind that they are visiting a secure and encrypted website.
Do I need a SSL certificate on my website?
Short answer: it depends. If you request any of the following information on your website, you should strongly consider obtaining an SSL certificate:
- Logins and passwords.
- Credit card or social security numbers, banking information.
- Any personal data such as your mother's maiden name, birthdays.
- Medical records.
Even if you do not have any of the items mentioned above, take into consideration how you rank online. Starting in 2014, Google altered its search result algorithm to display HTTPS websites ahead of HTTP websites in its rankings in order to encourage having a more secure Internet. Having a secure connection on your website is one of the many determining factors between getting on the front page of Google or the rest of never-looked-at pages starting on page 2.
What to look out for
To make sure you are on a secure site, look out for the following items:
- 1) https instead of http
- 2) A closed padlock symbol
- 3) Green address bar
- 4) Green lettering displaying "Secure" or the company's name.
Look at the photo below to see what a secure website looks like.
We all want our Internet to be safe and our information secure. Having HTTPS on a website is an important step in data protection. Make sure to pay attention to the websites you encounter online. Never submit any sensitive information without ensuring you are on a secure site. If you are thinking about purchasing a SSL certificate or if you have any general questions, let us give you a hand! Contact us at 844-463-8463 or email us at email@example.com.
Find out more about our services...
10805 Holder Street, Suite 100
Cypress, CA 90630
3900 S. Hualapai Way, Suite 133
Las Vegas, NV 89147
5035 E. Belmont Ave., Unit C
Fresno, CA 93727