DELIVERING YOUR
WEBSITE CONTENT SECURELY By Trevor Owen NOW, MORE THAN EVER, IT IS IMPORTANT TO DELIVER YOUR WEBSITE CONTENT SECURELY TO PREVENT HACKERS FROM INTERCEPTING YOUR CUSTOMERS’ COMMUNICATIONS USING EAVESDROPPING “MAN-IN-THE-MIDDLE” (MITM) ATTACKS. BY SECURING YOUR CONTENT, YOU ENCRYPT COMMUNICATIONS WITH YOUR CUSTOMER. THIS IS CRITICAL WHEN ENTERING USERNAMES, PASSWORDS AND CREDIT CARD INFORMATION ONLINE. THIS CAN BE ACCOMPLISHED BY MOVING FROM HTTP TO HTTPS PROTOCOL USING A SECURE SOCKET LAYER (SSL) ON YOUR WEBSITE.
HTTP VS HTTPS “HTTP” (Hyper Text Transfer Protocol)
WINTER 2020 | GALLERIE MAGAZINE | 24
In 1994, Tim Berners-Lee, the creator of the world wide web, introduced the Uniform Resource Locator (URL) as a common method to define the path to resources on the internet. HTTP (“http://”) was the most widely used protocol. Millions of sites still rely on this protocol. We are all familiar with the “http” (Hyper Text Transfer Protocol) prefix, “http://”, in a web address URL used to access content on the Internet. Chances are that you have typed this prefix into your browser address bar to get to a website or two. It is also likely that you have used this protocol when you originally authored your website. It allows you to get up and running quite quickly, is easily understood by your users and is the default behavior for most browsers. Once configured, users could access your site using the format http://yourdomainname.com. All good? Not so fast! The problem with HTTP protocol is that it is NOT secure. To address this issue, you can enable HTTPS on your site to provide end-to-end encryption.
“HTTPS” (Hyper Text Transfer Protocol Secure) HTTPS encrypts traffic by using an SSL (Secure Socket Layer) certificate. This ensures a secure connection between the user and the resource using an encrypted “key”. This is the prominent method to encrypt traffic. Installing SSL for your website involves purchasing a certificate from a Certificate Authority (CA) and configuring its use on your server. The CA ensures the identity of entities like a company, website, email address or person. It is possible that your web host includes a certificate with your hosting. You may need to talk to your host to confirm proper installation for your specific server.
There are also different levels of encryption available. The rule of thumb is the more secure the better. Budget does become a consideration when purchasing SSL certificates. Once configured, your site will display the desired “lock” icon to the left of the address:
As well, there is a confirmation of secure connection:
