What is HTTPS and why does it matter?
|11 min read
Recommended Journals
The Trading Post
08.12.18. Now that the Trading Post has been operating for exactly a month, we'll be making some changes in response to some problems that have arisen since it's introductions. Comments can no longer be edited after a certain amount of time, so we ask that you post ONE strudel per comment, so that you can hide the comments after it has been traded off. Posting multiple in the same comment causes confusion if you cannot hide just one strudel in particular. ALSO if your strudel is not on the masterlist, please post to the Can't find your strudel? entry on the StrudelCupboard (https://www.deviantart.com/strudelcupboard) to help us find any missing babies! We're super quick about updating!
Art Trade (OPEN)
Very sorry I wasn't able to respond quickly to the last batch, ATs are open for a short while but I will be moving soon so it might be subject to some delay, for the same reason I might also not be able to do too many trades qq ATs are accepted based on  -How I like your art style (not necessarily skill related)  -How I feel able to draw your character  -Character designs and how they might inspire me  -Will do anything for good friends This following section is important! Please read this section even if you don't read the others! * Please understand that I do not accept every offer. I accept trades based on "how I need you style f
art challenge event [open]
i really really really want to see more ppl experimenting with their art, esp in the wings of fire fandom (i love u all but please. Please. stop copying realtense) so this is what i'm going to do to encourage that. what is the challenge? draw something out of your comfort zone! if you usually draw w lines, try lineless. if you usually use muted colors, try bright ones. if you usually draw standing poses, do an action pose. throw some cubism in there. go buckwild. genuinely just stretch yourself beyond your comfort zone and what is... well, 'fandom popular'; the ability to diversify your style is a strength, not a hindrance. what are the re
kaons's avatar
By kaons   |   Watch
2 12 730 (1 Today)
Published: July 5, 2018



Hello!
Your friendly neighborhood host back again for another edition of "why should I care about this". Today, I am writing about "HTTPS". Firstly, what does HTTPS mean? Basically, it is "HTTP" but "secure" (which is where the "s" comes from). When you type out "http" into your browser, you are telling your browser the protocol over which to transfer data from a server to your computer. The protocol is basically the application foundation for all internet communication as it is HOW data moves from server to server, through cables/satellite/wifi/etc and reaches your computer. 

So what is the problem with HTTP?
Well, when you make a connection to a website, that connection has to bounce through a bunch of different channels. There are DNS servers, routing servers, mirror servers, etc. Essentially, there are many "hops" you have to make to reach your destination. With HTTP, that is not secure, anyone (really anyone because info is out there) can snag your data as it's making one of these hops. This is how a large majority of credit card information was stolen before HTTPS became a thing, and it's how your personal information is taken. If you use the same passwords for a bunch of sites, and that password gets stolen, then there are computers that will systematically go through your entire history and try those passwords to get access to your information. 

That is a BIT of a simplification of a complex process, but that's the "essence" of http. 

What makes HTTPS different? Better? 
The "S" for secured, means that the data transmitted by you and sent by the computer over those series of hops is ENCRYPTED. Encryption is scrambling up your data with a series of symbols, letters, and random crap that can only be de-convoluted by an encryption KEY. That key is usually a series of numbers. The longer the number, the better the key. There are entire industries dedicated to making encryption keys, and it's basically all math. ANYWAY, what this means for you is that if someone takes your information now from a hop, they won't be able to de-crypt it for... oh... 50 years of computing time?

HTTPS is becoming increasingly important with the implications from GDPR, the US's questioning of Zuckerberg and data safety and security. In fact, our great friends at google told all of us hosts and developers to basically get our act together and make everything HTTPS: searchengineland.com/effective… . I, personally, won't click on a site that says "NOT SECURE", and I CERTAINLY won't login to it! This means that I will be willingly giving information about myself to anyone who could want to use it maliciously. 

Maybe internet ponies don't carry quite the same weight as, say, your bank account, but we still share alot about ourselves through the internet - AND YOUR COMPUTER shares alot too that you may not know about :) 

The whole internet is moving to HTTPS because it's secure and safer for all users.  

Therefore it's our responsibility as content creators, hosts, etc to make sure that the sites we host are encrypted - for the safety of our clients and their users. 


Okay, so how to I get HTTPS?
"When you request a HTTPS connection to a webpage, the website will initially send its SSL certificate to your browser. This certificate contains the public key needed to begin the secure session. Based on this initial exchange, your browser and the website then initiate the 'SSL handshake'. The SSL handshake involves the generation of shared secrets to establish a uniquely secure connection between yourself and the website." - instant SSL.com
All servers have an SSL certificate whether you know it or not. You have to pay to get an SSL certificate for the server you're hosting on in order to establish that connection. Basically, you're buying 1) insurance for your site, 2) an encryption key, and 3) a fancy little green bar telling you that the website is secure. 

Here is an example of a secured site that I host
Ef6e9cb22bc25b8319b3e2da7ede5ee6 by kaons

Here is an example of an unsecured site (note the "i" and click for more information in your browser)
7aa6d2b20a27ac76879a8cdda37ed855 by kaons

Different companies will have special secure identifiers
5639c8ae14c486e3a802b83f56d4bae7 by kaons


There are a few different ways to get HTTPS SSL certificates. All of them require knowledge of networking, DNS, SSL on Cpanel (through WHM, not a normal panel), etc. When installing and setting up HTTPS, there are lots of ways this can go wrong - especially when it comes to browser cookies! Most sites use cookies to keep you logged in, so if you don't set that up properly, your users will never be able to stay logged in. 

You will need to ask your host to give you HTTPS!

If they say you don't need it, make a face and start looking for new options. 



Internet safety is VERY important. Your data security is very important. Encryption is going to happen across all sources soon, and it's better to be prepared :) 


Skin by SimplySilent
Recommended Journals
The Trading Post
08.12.18. Now that the Trading Post has been operating for exactly a month, we'll be making some changes in response to some problems that have arisen since it's introductions. Comments can no longer be edited after a certain amount of time, so we ask that you post ONE strudel per comment, so that you can hide the comments after it has been traded off. Posting multiple in the same comment causes confusion if you cannot hide just one strudel in particular. ALSO if your strudel is not on the masterlist, please post to the Can't find your strudel? entry on the StrudelCupboard (https://www.deviantart.com/strudelcupboard) to help us find any missing babies! We're super quick about updating!
Art Trade (OPEN)
Very sorry I wasn't able to respond quickly to the last batch, ATs are open for a short while but I will be moving soon so it might be subject to some delay, for the same reason I might also not be able to do too many trades qq ATs are accepted based on  -How I like your art style (not necessarily skill related)  -How I feel able to draw your character  -Character designs and how they might inspire me  -Will do anything for good friends This following section is important! Please read this section even if you don't read the others! * Please understand that I do not accept every offer. I accept trades based on "how I need you style f
art challenge event [open]
i really really really want to see more ppl experimenting with their art, esp in the wings of fire fandom (i love u all but please. Please. stop copying realtense) so this is what i'm going to do to encourage that. what is the challenge? draw something out of your comfort zone! if you usually draw w lines, try lineless. if you usually use muted colors, try bright ones. if you usually draw standing poses, do an action pose. throw some cubism in there. go buckwild. genuinely just stretch yourself beyond your comfort zone and what is... well, 'fandom popular'; the ability to diversify your style is a strength, not a hindrance. what are the re
anonymous's avatar
Join the community to add your comment. Already a deviant? Sign In
Comments (10)
nettlebird's avatar
nettlebird|Hobbyist Digital Artist
You'll also want to setup a redirect to force all requests to your server to load over https, especially if you are moving from http to https. This can be done through an .htaccess file for apache servers or a redirects.conf file for nginx servers. 
Reply  ·  
kaons's avatar
kaons|Hobbyist Digital Artist
Yup yup! :D 
Reply  ·  
Camyza's avatar
Just got mine to use it. Was pretty easy using a plugin alongside changing the urls needed (mybb has a handy built in search/replace tool) and the mybb documentation was very thorough on how to do it.  Definitely worth setting up :la:
Reply  ·  
kaons's avatar
kaons|Hobbyist Digital Artist
Also rise looks so good!!!
I can't wait to see it grow! 
Reply  ·  
Camyza's avatar
I'm so excited to see how Bail grows it too :la:
Reply  ·  
kaons's avatar
kaons|Hobbyist Digital Artist
Ltts still doesn't serve over https!! But I'm here to help :) I think your links or dns isn't configured right. But yeah when you have your own cpanel access it should be easy!!!
Reply  ·  
Elandria's avatar
Elandria|Professional General Artist
:thumbsup: Its all new territory for me, but I still have a contact me section on my site so need to look into it sooner rather than later.  :/ 
Reply  ·  
kaons's avatar
kaons|Hobbyist Digital Artist
Just shout if you need help!! I'm not sure who you host with but I charge $2/mo for personal websites and it includes https :) 
Reply  ·  
Elandria's avatar
Elandria|Professional General Artist
lunarhosts, have been for a long time :nod:  I'll keep you in mind though if I don't have much luck.  It's not like my sites are highly trafficked, only have my personal one and the one I did for our stables at the mo but I have unlimited storage and bandwidth so I tend to have a lot of old shit and test sites stored on there :D XD
Reply  ·  
kaons's avatar
kaons|Hobbyist Digital Artist
<333 
I have a discord server for hosting if you want to join: discord.gg/gWWC69j
I usually end up posting good stuff like great web fonts to use and how-tos :) 
All the sites I host have unmetered bandwidth and 50 GB storage (which I doubt you even touch unless you have a heck ton of databases?)

Best of luck to you! 
Reply  ·  
anonymous's avatar
Join the community to add your comment. Already a deviant? Sign In
©2019 DeviantArt
All Rights reserved