HTTP = Hypertext Transfer Protocol
When we access a web page, in order for it to be displayed in our browser, communication takes place between the client – our computer/smartphone/tablet – and the server, where the web page we want to visit is stored. This communication is done through HTTP requests and responses.
In short, communication between client and server occurs as follows:
When we write the address to open a web page, our browser sends an HTTP request. This request ends up arriving at the server, where the web page we want to visit is stored. In turn, the server has an application that interprets the HTTP request and returns the HTTP response to our browser, which interprets it and presents the result. If all goes well, the web page we requested will be presented.
What about HTTPS? What is it exactly?
As is well known, there are individuals who have some skills and tools that allow them to intercept HTTP requests and responses, accessing the information contained in those requests.
How bad can this be?
Imagine that you are submitting a contact form on a website, or you are making an online purchase, or accessing your bank’s portal. There is information that you enter that you are guaranteed not to want to fall into the wrong hands. We may be talking about your bank access credentials, your credit card details or, even if not so serious, your contacts and message content sent in a contact form on a website.
To prevent these situations, HTTPS was created.
HTTPS is short for Hypertext Transfer Protocol Secure. This is an improved version of the HTTP protocol, where communication between the client and the server is encrypted so that if the information is intercepted, it will not be readable.
For HTTPS to be used it is necessary that, on the server where the web page you want to visit is stored, there is a security certificate for the domain of the page and, at the same time, that it has been issued by a legitimate certification authority and is valid. If these conditions are validated and your browser supports it, the HTTPS protocol is activated and the communication is done in a secure way. You’ll be able to confirm that you’re browsing safely if an icon representing a closed padlock appears in the browser’s address bar and the address of the page you want to visit starts with “https://” (sometimes you need to click on the bar to view the “https://”).
As a web page owner, should I use HTTPS instead of traditional HTTP even if I don’t request information from my visitors?
Yes, you should always use it.
Does your website use https? Confirm here
Security and privacy never hurt. We all like to feel safe. Seeing that a web page, no matter how simple, has HTTPS increases the user’s trust in that page and, consequently, in the represented brand. There are statistics that prove that a large percentage of users leave a website when they find it unsafe. In addition, some browsers already alert the user that they are visiting an unsafe web page.
Certainly you would not want any user, when entering your web page, to be alerted that it is not secure. Currently, using HTTPS on your website is within everyone’s reach. We must emphasize that its use is imperative, both for the user’s safety and for good positioning in search engines.
If you have any questions, talk to us! Ask for an analysis, or simply find out how we can make your website more secure.