When we type a website into our browser of choice, often we will see it change to the full URL of the website and it will almost always start with either HTTP:// or HTTPS://. One might disregard the beginning of the URL, called the protocol, in favor of the actual domain name. In this post, we will explain what that familiar HTTP or HTTPS protocol means.
On the other hand, HTTPS, also short for Hypertext Transfer Protocol, contains an “s”, which stands for secure. Originally, HTTPS was most common for e-commerce sites that required data like a customer’s credit card number to make a purchase. Now, it is used to secure any sort of sensitive information. Making an encrypted connection is a strong argument for switching to HTTPS. But there is a second and equally conducive reason. That is Google.
When determining how to rank results on the search engine, Google will check whether your website uses HTTP or HTTPS. It will give a higher rank to the secure protocol. So, switching to HTTPS can help boost your search engine optimization (SEO). In order to make the switch, however, you still need one more tool.
In order to switch your website to HTTPS, you will need a Secure Sockets Layer (SSL) certification. This protocol uses what is called an asymmetric Public Key Infrastructure (PKI) system. This system has two keys, the “public” key, and the “private” key. Anything encrypted using the public key can only be decrypted by the private key and vice-versa. Like the key to a safe, the private key should only be accessible to the owner. On a website, the private key is found on the web server. The public key is, as the name suggests, to be distributed to anyone that needs to decrypt information from the private key.
When you request a secure connection to a web page, the website will send its certificate containing the public key to your browser. This begins the process of making a secure connection. After this exchange, the website and the browser will generate and establish a secure connection that is unique to you and the website.
But why do the web page and browser go through all of that for a more secure connection? Any communications over regular HTTP connections are in plain text. They can be read by any hacker that can break the connection. This can endanger communications that include personal information like social security numbers, credit card numbers, or home addresses. With an HTTPS connection, all communications are encrypted, so even if someone were to break the connection, they would be unable to decrypt the data.
Have more questions about HTTPS or SSL? Would you like to switch your website to HTTPS but are unsure where to start? A nerd at #TechStarters can help!