A long-time staple of internet security is HTTP Secure, also known as https. The encryption of data between your customer and you is incredibly important when dealing with highly sensitive data such as addresses, credit card numbers and passwords, and HTTP Secure is what facilitates this secure transfer. With unlimited SSL certificates available for your website, there’s never a better time to learn about securing your site. So what exactly is HTTP Secure?
First you need to understand how the web works in simple terms. First the user types in a web address into their browser. The browser locates the appropriate web server to connect to using the equivalent of the internet’s phone book, known as “Domain Name System”, which converts addresses such as www.google.com into an IP (Internet Protocol) address such as 220.127.116.11. The browser connects to the IP address and asks for the web page content – this is called a “Request”. The web server then replies to your browser with the web page content – called the “Response”. Both the Request and the Response in regular HTTP are in plain text, which means a human can read it and if they understand the vernacular of the messages, will be able to see any data transferred – and that could include credit card numbers or passwords.
HTTP Secure introduces a few extra steps into this process which allows the browser to negotiate a secure connection to the web server on which to send the request and receive the response. So with HTTP Secure, once the browser has the web server’s IP address, it will connect securely to the web server and encrypt the Request. The web server then sends the Response back, also encrypted, which means that anyone “listening in” on the connection will just see a lot of rubbish, and thus would not be able to decipher any sensitive data such as credit card numbers or passwords.
The development of HTTP Secure was an important milestone in the internet’s history, allowing secure online purchasing to create a booming web economy that we see today.