HTTP vs HTTPS
In previous blog posts we’ve mention the importance of SSL certification and some of the most common cyber threats facing businesses. Now we’re going to continue the topic of security and shine a light at an often-overlooked feature of websites. If you’ve ever looked at the top of a webpage in the URL bar, you’ll notice before the name of the site either http:// or https://. These stand for Hypertext Transfer Protocal and Hypertext Transfer Protocal Secure respectively.
To put it quite simply both HTTP and HTTPS are sets of protocols that allow for the transfer of information between systems. They’re mostly used to transfer data between a web server and a browser. Before 2014 most websites, with the exception of some E-commerce sites, only used HTTP to transfer data to the browser. However, the fatal flaw of HTTP is that it doesn’t encrypt the data it sends to the server, as a result information such as passwords, email addresses or bank details can be stolen. This is the reason you sometimes get warnings when going to certain sites, they are using HTTP for all data transfers and are vulnerable to hacks. HTTPS has and added layer of security as all data transfers are encrypted with an SSL certificate (Secure Socket Layer) which protects all sensitive information.
We always advise clients to update their websites to use HTTPS, it is now a standard security feature on most websites and is the minimum level of security that consumers expect. As well as the cyber security advantages HTTPS also offers advantages for visibility and SEO. As an incentive for businesses and developers to switch over Google provides sites which use HTTPS with a boost in its rankings in effect giving an edge to sites that switched to HTTPS over those that didn’t.
This is one of the first steps we take with our clients and we can’t stress the need to use HTTPS enough. We hope you found this post helpful.