HTTPS, also referred as HTTP Secure or HTTP over SSL, is a protocol widely used over computer network for secure communication.
Should I Use HTTPS?
A couple of years ago I would have said no, I mean why would you need HTTPS that cost fortune ? However, today I have reasons that it’s necessary to have it and here’s why.
- To a certain degree encrypted connections make up for the inadequacy of the already insecure DNS infrastructure, as with HTTP you don’t get the same level of security.
- When browsers are forced to use HTTPS connections it slightly raises the security policy, which means less opportunities for hackers on the client side regardless of the communication channel.
Personally I would say this is the major benefit of sending data via HTTPS as it tells the end user that the content delivered is from the source and it hasn’t been tampered with in any way.
The webpages you’re viewing and what you’re doing aren’t visible to anyone sniffing network traffic as it’s fully encrypted via HTTPS.
Protection is important when it comes to handle money transfers like with online banking or for e-commerce sites, so you definitely don’t want anyone malicious to send another copy of commands and transfer twice.
Google also loves security and would like to establish secure environment over the internet, thereforein search engine to secure HTTPS websites.
When most people think of a secure connection they take all above points into consideration, but I would say that authenticity is the most vital. Let’s say I go to quora.com, what I expect is exactly what quora sent, not anything else. I don’t really care if anyone sees what I’m reading, but I am concerned if there’s a man in the middle feeding me false content and injecting code for an attack.
The real question is: Why isn’t everyone using HTTPS? In short, it’s not the default configuration yet, but we’re slowly getting there.