As the threat of internet security breaches is all too common, web browser manufacturers and developers alike are constantly working to make the Internet a safer place.
One of the most likely targets of a security attack is any site or business that collects passwords, credit card numbers or other financial information. In an effort to make browsing the web more secure, Google Chrome recently announced that as of January 2017, HTTP pages that collect this type of sensitive data will be marked as non-secure, in an effort to encourage the administrators of these sites to move to the secure HTTPS protocol.
Whenever you use Gmail, or sign in to Facebook, or send money via PayPal, there is a layer of encryption that protects submitted information from being viewed or intercepted from a potential attacker. This layer of encryption is known as Hypertext Transfer Protocol Secure, or HTTPS for short.
While Chrome has long indicated the status of a web connection’s security via a small icon in the address bar, it has not always explicitly indicated HTTP connections as unsecured. The initial step in this new move towards better security will be to mark HTTP sites collecting sensitive data as non-secure, but the long-term goal is to mark all HTTP connections as non-secure (whether or not they collect private information).
Example of connection secured by HTTPS:
Example of connection not secured by HTTPS:
The above “i” indicator for HTTP connections is considered a “neutral indicator”. As this is considered a neutral connection, it doesn’t accurately impart the real lack of security that exists for sites visited with HTTP. With any HTTP connection, a potential attacker can view or edit the page you are viewing before you do (potentially adding in malicious content, or stealing your data).
Much progress has been made in converting a large segment of web traffic from HTTP to HTTPS, and this amount is constantly growing. As of recently, more than 50% of all sites loaded on the Chrome desktop browser are now being served via HTTPS.
Another less mentioned benefit of HTTPS is its faster loading times over HTTP. To see a real-world example of this, check out HTTP vs HTTPS Test, which benchmarks HTTPS at up to 80%+ faster than HTTP.
It’s a no-brainer for smaller sites to implement HTTPS, but the difficulty in transitioning to HTTPS connections grows the larger, more complex the site is. The more elaborate a site is, the more there is to consider, such as whether or not third-party content or advertisements are offered via HTTPS, or if your content delivery network charges more for using the secure protocol.
While the move toward widespread HTTPS use is a huge step forward for internet security, it’s important to point out that HTTPS isn’t fail-proof. Hackers have attempted (and in some instances have been successful), in obtaining certificates for some of the most widely used websites on the Internet. Possession of these certificates would allow a hacker to impersonate the legitimate site, therefore obtaining a user’s confidential info.
Companies and Organizations offering free SSL Encryption:
HTTPS Everywhere is a simple web browser extension that will force a secure HTTPS connection whenever available. The extension is available for Chrome, Firefox, Opera and Android.
- Web Design Services
- WordPress Designer
- Did you just launch a new website? The ultimate guide on what to do next.
- WordPress FAQ
- Top 10 Malware Removal Apps
- 11 Simple Ways to Improve Your Contact Form
- Sunlight Media is a Top LA Web Designer, Says Research Firm Clutch
- Backup WordPress: How to backup up your WordPress website (2018 Update)
- WP Engine’s Staging Area has Revolutionized Our WordPress Development Process
- Current Web Design Trends For Better User Experience
- The Best 5 WordPress Plugins of 2018
- A Quick Guide To Magento Tutorials Available Online
- Sunlight Media ranked as top Los Angeles app developer
- Sunlight Media Delivers According to Research Firm Clutch
- Terms of Service
- Introducing Gutenberg, the new WordPress editor
- Sunlight Media wins 2018’s Top Software Developers in the US
- Should you move your website to WordPress? [Infographic]
- Sunlight Media LLC Presents: How To Build Your Online Store [Infographic]
- Fulfill Your Business’ Design Needs with Powered Template
- Magento FAQ
While always deeply interested in technology since childhood, Nicholas has been involved in web development in a professional capacity since 2012, as both a front-end developer and project manager.