Shop Forum More Submit  Join Login

What is HTTPS and why does it matter?

Thu Jul 5, 2018, 12:52 PM by kaons:iconkaons:



Hello!
Your friendly neighborhood host back again for another edition of "why should I care about this". Today, I am writing about "HTTPS". Firstly, what does HTTPS mean? Basically, it is "HTTP" but "secure" (which is where the "s" comes from). When you type out "http" into your browser, you are telling your browser the protocol over which to transfer data from a server to your computer. The protocol is basically the application foundation for all internet communication as it is HOW data moves from server to server, through cables/satellite/wifi/etc and reaches your computer. 

So what is the problem with HTTP?
Well, when you make a connection to a website, that connection has to bounce through a bunch of different channels. There are DNS servers, routing servers, mirror servers, etc. Essentially, there are many "hops" you have to make to reach your destination. With HTTP, that is not secure, anyone (really anyone because info is out there) can snag your data as it's making one of these hops. This is how a large majority of credit card information was stolen before HTTPS became a thing, and it's how your personal information is taken. If you use the same passwords for a bunch of sites, and that password gets stolen, then there are computers that will systematically go through your entire history and try those passwords to get access to your information. 

That is a BIT of a simplification of a complex process, but that's the "essence" of http. 

What makes HTTPS different? Better? 
The "S" for secured, means that the data transmitted by you and sent by the computer over those series of hops is ENCRYPTED. Encryption is scrambling up your data with a series of symbols, letters, and random crap that can only be de-convoluted by an encryption KEY. That key is usually a series of numbers. The longer the number, the better the key. There are entire industries dedicated to making encryption keys, and it's basically all math. ANYWAY, what this means for you is that if someone takes your information now from a hop, they won't be able to de-crypt it for... oh... 50 years of computing time?

HTTPS is becoming increasingly important with the implications from GDPR, the US's questioning of Zuckerberg and data safety and security. In fact, our great friends at google told all of us hosts and developers to basically get our act together and make everything HTTPS: searchengineland.com/effective… . I, personally, won't click on a site that says "NOT SECURE", and I CERTAINLY won't login to it! This means that I will be willingly giving information about myself to anyone who could want to use it maliciously. 

Maybe internet ponies don't carry quite the same weight as, say, your bank account, but we still share alot about ourselves through the internet - AND YOUR COMPUTER shares alot too that you may not know about :) 

The whole internet is moving to HTTPS because it's secure and safer for all users.  

Therefore it's our responsibility as content creators, hosts, etc to make sure that the sites we host are encrypted - for the safety of our clients and their users. 


Okay, so how to I get HTTPS?
"When you request a HTTPS connection to a webpage, the website will initially send its SSL certificate to your browser. This certificate contains the public key needed to begin the secure session. Based on this initial exchange, your browser and the website then initiate the 'SSL handshake'. The SSL handshake involves the generation of shared secrets to establish a uniquely secure connection between yourself and the website." - instant SSL.com
All servers have an SSL certificate whether you know it or not. You have to pay to get an SSL certificate for the server you're hosting on in order to establish that connection. Basically, you're buying 1) insurance for your site, 2) an encryption key, and 3) a fancy little green bar telling you that the website is secure. 

Here is an example of a secured site that I host
Ef6e9cb22bc25b8319b3e2da7ede5ee6 by kaons

Here is an example of an unsecured site (note the "i" and click for more information in your browser)
7aa6d2b20a27ac76879a8cdda37ed855 by kaons

Different companies will have special secure identifiers
5639c8ae14c486e3a802b83f56d4bae7 by kaons


There are a few different ways to get HTTPS SSL certificates. All of them require knowledge of networking, DNS, SSL on Cpanel (through WHM, not a normal panel), etc. When installing and setting up HTTPS, there are lots of ways this can go wrong - especially when it comes to browser cookies! Most sites use cookies to keep you logged in, so if you don't set that up properly, your users will never be able to stay logged in. 

You will need to ask your host to give you HTTPS!

If they say you don't need it, make a face and start looking for new options. 



Internet safety is VERY important. Your data security is very important. Encryption is going to happen across all sources soon, and it's better to be prepared :) 


Skin by SimplySilent
Add a Comment:
 
:iconnettlebird:
nettlebird Featured By Owner Jul 7, 2018  Hobbyist Digital Artist
You'll also want to setup a redirect to force all requests to your server to load over https, especially if you are moving from http to https. This can be done through an .htaccess file for apache servers or a redirects.conf file for nginx servers. 
Reply
:iconkaons:
kaons Featured By Owner Jul 7, 2018  Hobbyist Digital Artist
Yup yup! :D 
Reply
:iconcamyza:
Camyza Featured By Owner Jul 6, 2018
Just got mine to use it. Was pretty easy using a plugin alongside changing the urls needed (mybb has a handy built in search/replace tool) and the mybb documentation was very thorough on how to do it.  Definitely worth setting up :la:
Reply
:iconkaons:
kaons Featured By Owner Jul 6, 2018  Hobbyist Digital Artist
Also rise looks so good!!!
I can't wait to see it grow! 
Reply
:iconcamyza:
Camyza Featured By Owner Jul 6, 2018
I'm so excited to see how Bail grows it too :la:
Reply
:iconkaons:
kaons Featured By Owner Jul 6, 2018  Hobbyist Digital Artist
Ltts still doesn't serve over https!! But I'm here to help :) I think your links or dns isn't configured right. But yeah when you have your own cpanel access it should be easy!!!
Reply
:iconelandria:
Elandria Featured By Owner Jul 6, 2018  Professional General Artist
:thumbsup: Its all new territory for me, but I still have a contact me section on my site so need to look into it sooner rather than later.  :/ 
Reply
:iconkaons:
kaons Featured By Owner Jul 6, 2018  Hobbyist Digital Artist
Just shout if you need help!! I'm not sure who you host with but I charge $2/mo for personal websites and it includes https :) 
Reply
:iconelandria:
Elandria Featured By Owner Jul 7, 2018  Professional General Artist
lunarhosts, have been for a long time :nod:  I'll keep you in mind though if I don't have much luck.  It's not like my sites are highly trafficked, only have my personal one and the one I did for our stables at the mo but I have unlimited storage and bandwidth so I tend to have a lot of old shit and test sites stored on there :D XD
Reply
:iconkaons:
kaons Featured By Owner Jul 8, 2018  Hobbyist Digital Artist
<333 
I have a discord server for hosting if you want to join: discord.gg/gWWC69j
I usually end up posting good stuff like great web fonts to use and how-tos :) 
All the sites I host have unmetered bandwidth and 50 GB storage (which I doubt you even touch unless you have a heck ton of databases?)

Best of luck to you! 
Reply
:iconelandria:
Elandria Featured By Owner Jul 8, 2018  Professional General Artist
Databases... are things other people use. Who have access to voodoo magic. >.>  Thanks for the discord link I will certainly get it added! I checked my hosting, its paid up until 2019 which is... useful, but not useful at the same time :|
Reply
:iconkaons:
kaons Featured By Owner Jul 8, 2018  Hobbyist Digital Artist
<333 my server has access to a TON of free softwares via the installatron package. It lets you install forums, wordpress, content managers, etc in one click :) That way you don't have to know database magic! Just use them
Reply
Add a Comment:
 
×

:iconkaons: More from kaons


More from DeviantArt



Details

Submitted on
July 5
Link
Thumb

Stats

Views
300
Favourites
5 (who?)
Comments
12
×