{"id":1383,"date":"2018-08-11T09:34:02","date_gmt":"2018-08-11T08:34:02","guid":{"rendered":"https:\/\/guwii.com\/?p=1383"},"modified":"2019-01-20T19:21:33","modified_gmt":"2019-01-20T19:21:33","slug":"https-for-websites","status":"publish","type":"post","link":"https:\/\/guwii.com\/https-for-websites\/","title":{"rendered":"HTTPs for websites-why websites need that little green padlock"},"content":{"rendered":"
<\/p>\n
You\u2019re probably familiar with that little padlock symbol in the address bar of your website browser, usually giving an indication that the site has some kind of security, the majority of people glance at it and pay no further attention. So what is it and why does it exist?<\/p>\n
HTTP<\/strong>: Hypertext Transfer Protocol As a non-technical example, HTTP is like you\u2019re talking to your friend in a crowded room, anyone could listen in on your conversation and you might not even notice, this might be okay if you\u2019re talking about common knowledge (for this example, imagine just reading a news article online). HTTPs ensures that data you send and receive to that website is encrypted, so anyone snooping in the middle will only see scrambled letters instead of readable data.<\/p>\n The security and anonymity of your data are always vital, but there are situations where it’s even more important, such as wifi networks (eg cafes\/airports). HTTPs is a great first stepping stone in ensuring your data isn’t being snooped on.<\/p>\n HTTPs technically began way back in 1994, created by Netscape\u2014mostly used for securing the most confidential parts of the web, such as payment forms. It wasn\u2019t until 2012 onwards that more websites started to fully enable HTTPS for the whole site, it was still only the largest sites that undertook the large technical difficulties to do this however. Finally, in 2016 HTTPS finally got traction with the vast majority of websites, thanks to services such as LetsEncrypt\u2014which make the TLS\/SSL certificate process a lot simpler.<\/p>\n In 2014 Google listed HTTPs as a ranking signal, meaning sites that had HTTPs enabled might gain a slight boost in their Google search position. Sadly, only then was this the turning point for most websites to start focusing on installing an encryption certificate (of course user privacy and security should have been the main driving force, but a lot of businesses started paying attention when there was a benefit for themselves).<\/p>\n Simply put, there\u2019s no real reason to not at least start getting your website on HTTPs. Google wants \u201cHTTPs everywhere\u201d, a state where the whole internet uses the secure protocol. It has several benefits; giving website users peace of mind that their data is at least being transferred securely and a possible boost to website rankings on Google (et al). Also, HTTPs is now a major stepping stone in enabling websites to use some of the latest web technologies such as service workers, which can help websites behave more like an app rather than just a simple website.<\/p>\n It\u2019s worth noting that not all HTTPs connections are quite the same, HTTPs relies on a \u2018certificate\u2019, these are bits of data that set guidelines and agreements for any data the website sends or receives, some of these certificates use weaker\/older encryption methods and Google Chrome now will even show a warning for these. As an example, here\u2019s a warning in Google Chrome 70 showing that even PayPal is using a weak certificate:<\/p>\n
\nHTTPs<\/strong>: Hypertext Transfer Protocol – Secure
\nThe HTTP protocol is the way in which your computer communicates with the website you\u2019re visiting.<\/p>\n
\nYou certainly wouldn\u2019t want someone listening in to your conversation if you started talking about personal information, so we need a new method of communication. In our real-world example, imagine being able to telepathically talk to your friend without anyone hearing what you\u2019re discussing\u2014I know some people would love this skill, but sadly humans can\u2019t yet do this, but HTTPs can!<\/p>\nA little history<\/h3>\n
Why would you want it?<\/h3>\n