If it’s not, Google flags it with a nasty looking “not secure” symbol in the left corner. There are a bunch of reasons why most websites are using the HTTPS protocol and that’s what we’re going to talk about.
Let’s start with the difference between HTTP and HTTPS. HTTP is the hypertext transfer protocol and HTTPS is the hypertext transfer protocol secure. With regular HTTP requests, it’s relatively easy to intercept internet traffic. That’s how people on public Wi-Fi networks can see your information.
HTTPS fixes that. Instead of sending the raw request, the data gets encrypted. That’s where the SSL certificates come in. The certificate has the public key for the server the website is on. That public key is shared with the users and that’s how the secure connection is made.
Even if someone intercepts the traffic they won’t be able to get anything useful out of it without knowing that public key. HTTPS actually slightly slows down a website because the user and the server have to exchange those keys using the certificates before any real data is transferred. And just for those of you that might care, HTTP uses port 80 while HTTPS uses 443.
Why security is important
It seems like a minor difference for there to be so much fuss over it but all that fuss is worth it. Keeping data secure online is a growing issue. People keep finding new ways to hack things and they’ll keep doing that. At least when you use the HTTPS protocol you make it extraordinarily difficult for them to figure out what your data holds.
HTTPS encryption shows them jumbled letters, numbers, and characters that mean nothing without knowing the decryption key. Technically somebody could still figure out a way to read that data but they would have to work harder than it’s probably worth. HTTPS is a quick and pretty easy way to make sure the data on your website gets transferred securely.
This way your users credit cards, email addresses, usernames, and passwords are safer. It also helps with SEO (search engine optimization) if that’s a big concern for you. Plus it gives people confidence when they use your website because they know their information is safe. Think about it like this, would you still feel as comfortable ordering from Amazon if there was a message in the corner saying “not secure” with a red x on it? (maybe you would but you know what I mean)
How you can upgrade to HTTPS
Updating your website to use HTTPS isn’t hard if you know a little about the server you’re using. You could go to a website like https://certbot.eff.org and get the code you need for the command line. Or you can make the file changes yourself.
If you’re using a hosting package and it has something like cPanel it should be super easy to update to the HTTPS protocol. Most of them have some kind of automatic functionality that will make the updates for you. Learn about your server if you need to do this update and you’ll be able to find the specifics from there.
HTTPS is powerful considering how much data it protects every day. It doesn’t hurt to know a few network things as a web developer. That extra knowledge really helps when you have a problem you haven’t seen before. At the bare minimum it does give you another place to look for bugs.
As a warning, always back-up your website before you do this kind of update. Sometimes weird things happen and they could corrupt all of your files or a few key ones. Just spend the time making a back-up first.
Hey! You should follow me on Twitter because reasons: https://twitter.com/FlippedCoding