http vs https – What is it and why it’s important
You probably recognise the commonly used acronym “HTTP” that appears in a browser’s address bar, but do you know what it stands for? You may have even come across websites that Chrome warns are “Not Secure”. Pretty scary, right? We’ll take a look at what http and https are, and why that little ‘s’ is so important.
What is HTTP?
HTTP stands for HyperText Transfer Protocol. It is the protocol over which information is sent from a user’s web browser to the website they are visiting. The data that is being communicated between the browser and the website is sent over in plain text, meaning that if someone intercepted the connection between the two, they would easily be able to see the information you were both viewing and sending on the website. This is especially dangerous when users are filling out sensitive information, like credit card numbers on an eCommerce store, or entering location information on Facebook.
Did you know?
Websites addresses begin with an http:// prefix. For example, typing www.google.com is the same as typing http://www.google.com. In fact, only google.com has to be typed in. The browser adds the rest.
The Shift to HTTPS
More and more websites are now secured using https. While HTTPS is essentially the same concept as HTTP, the “S” harbours one big difference between the two: security. HTTPS stands for Hypertext Transfer Protocol Secure. Nowadays, the majority of web browsers support HTTPS for more secure Internet browsing. If you use Firefox, Google Chrome and Internet Explorer you’ll have noticed the little padlock icon in the URL bar to identify a secure HTTPS connection to a website.
The main difference, and best of all, is that HTTPS benefits users with faster speeds and connections than HTTP. This is because websites supporting HTTPS have already been certified as secure and are merely tunnelled to the user. On the other hand, the unencrypted HTTP is typically filtered, cached, or scanned, which means there is more data to send over the browser. Want to test the speeds for yourself? Visit HTTP vs. HTTPS to compare web page load times for these two different protocols and you can be the judge!
Transfers data in hypertext (structured text) format
Uses port 80 by default
Transfers data in encrypted format
Uses port 443 by default
Secured using SSL technology
Secure Socket Layer (SSL)
SSL is the standard security technology for establishing an encrypted link between the two systems. These can be browser to server, server to server or client to server. Basically, SSL ensures that the data transfer between the two systems remains encrypted and private.
The https is essentially http over SSL. SSL establishes an encrypted link using an SSL certificate which is also known as a digital certificate. Read more about SSL Certificates here.
HTTP and even HTTPS are not concerned with how information gets from point A to point B; however, the secure sockets layer (SSL) that HTTPS uses ensures that the information travels through a safe tunnel to its destination, without concerning itself with the actual data that it is sending.
The SSL also encrypts the information that is being sent, which means that the true meaning of the data (credit card numbers, personal information, etc.) is very difficult to be cracked by anyone trying to see the information. Even if hackers manage to intercept the communication, they will not be able to use it because the message is encrypted.
Today, there are millions of websites that support HTTPS so that users can view and send information safely without a third party nosing its way into their business. And since Tree Duck Design uses SSL encryption, any information you send on this site is encrypted and secure.
As you’ve discovered, HTTP is the old way of transferring data between the web server and browser, and HTTPS is the faster, secure way. To sum up, here are the main reasons you should be using https:
- Secure Communication: https makes a secure connection by establishing an encrypted link between the browser and the server or any two systems.
- Data Integrity: https provides data integrity by encrypting the data and so, even if hackers manage to trap the data, they cannot read or modify it.
- Privacy and Security: https protects the privacy and security of website users by preventing hackers to passively listen to communication between the browser and the server.
- Faster Performance: https increases the speed of data transfer compared to http by encrypting and reducing the size of the data.
- SEO: Use of https increases SEO ranking. In Google Chrome, Google shows the “Not Secure” label in the browser if users’ data is collected over http.
- Future: https represents the future of the web by making internet safe for users and website owners.
Every website we design and host comes with a free SSL certificate as standard. So you can be sure any information your visitors input into your forms and shopping cart stays safe and secure. Book a free call to find out more.