Every day everywhere in the world is reported about Cyber-crimes. Some of these are known for publishing social media networks or news websites. But most of them are of the same kind since the news is not revealed to the world as the newest. Recently, that is what ransomware. (That’s why HTTPS comes to the place)

For example, if you download a song for free from a website. You may find that there are several times to click on that link to download it. And all the others redirecting to various phishing sites. Rather than that, you may get fooled by nice looking advertisement and various online shopping websites.

This is the beginning of a hacking or phishing. If you do not want to get caught to this, you should know HTTP and HTTPS. Quick tip, if you look at the very top of the post for movement and see the navigation bar on our website itechpees, you will see a green lock on this screen.

Secured site
Secured connection
Not secured connection

How HTTP works..?

Usually, most websites are accessed by the HTTP (Hyper Text Transfer Protocol). In standard HTTP all the information is sent in clear text so all the information that is exchanged between your computer and that web server which includes any text that you type on that website. that information is transferred over the public internet and because it transferred in clear text it’s vulnerable to anybody who wants it such as hackers.


Why HTTPS..?

Normally this would not be a big deal if you were just browsing regular websites. And no sensitive data such as password, or credit card information are being used. But if you were to type in personal sensitive data like your name address phone numbers passwords or credit card information that sensitive data goes from your computer and then it has to travel across the public internet to get to that web server. This makes your data vulnerable. Because the hacker that somewhere on the internet can listen to that data transfer and steal your information.


This is why https was developed. HTTPS stands for Hypertext Transfer Protocol Secured. This is HTTP with a security feature. HTTPS encrypts the data that been retrieved by HTTP. It ensures that all the data that’s been transferred over internet between computers and servers is secured by making the data impossible to read and it does this by using encryption algorithms to scramble the data that’s been transferred. So, for example, if you were going to a website that requires you to enter personal information such as password or credit card numbers you will notice that ‘S’ will be added to the HTTP in the web address. This indicates that you are now using HTTPS and have entered a secure website Where sensitive data is going to be passed and that data is going to be protected.

How to Find whether it is secured or not..? (HTTP vs HTTPS)

In addition to the ‘S’ being added, a lot of web browsers will also show a Padlock symbol in the address bar to indicate that HTTPS is being used. By using secure HTTP, all the data which includes anything that you type is no longer sent in clear text. It is scrambled in an unreadable form as it travels across the internet. If a hacker tries to steal your information, he would get a bunch of meaningless data because the data is encrypted, and the hacker would not be able to crack the encryption to unscramble the data.


HTTPS protects the data by using two protocols and one of these protocols is SSL. SSL or Secure Sockets Layer is a protocol that uses to ensure security on the internet it uses public key encryption to Secure data. Basically, this is how SSL works.

How SSL works..? (HTTPS)

When a computer connects to a website that using SSL computers web browser will ask the website to identify itself then the web server will send the computer a copy of its SSL certificate.

SSL certificate a small Digital Certificate. It is used to authenticate the identity of a website. Basically, it’s used to let your computer know that you are visiting is trustworthy. The browser will check to make sure that trusts the certificate. And if it does it will send a message to the web server. Then after the web server will respond with an acknowledgment when SSL session can proceed. Then after all these steps are complete encrypted data can now be exchanged between your computer and the web server.


And the other protocol that secure HTTP can use is called TLS. TLS or Transport Layer Security is the latest industry standard cryptographic protocol. It is the successor to SSL and it’s based on the same specifications. Like SSL it also authenticates the server client and encrypts the data.

It’s also important to point out that a lot of websites are now using HTTPS by default on their websites regardless if sensitive data is going to be exchanged or not and lot of this has to do with Google. Google made changes to its algorithm to prioritize websites that used an SSL certificate. If website is not SSL protected Google will be penalized that website in their search rankings.

About the author

Yasas Sandeepa

An energetic highly motivated Tech Enthusiastic

View all posts


Leave a Reply

Your email address will not be published. Required fields are marked *