why some wrbsite begin with https not http

Posted on 2006-04-22
Last Modified: 2010-04-11
why some wrbsite begin with https not http
Question by:teera
    LVL 48

    Assisted Solution

    Hi teera,

    HTTPS is a secure site whereas a HTTP site isnt.....

    LVL 32

    Assisted Solution

    https:// is used when traffic to/from that web page will be "secure", i.e. encrypted.

    This comes at the cost of some added complexity, which is why all pages don't use it, and in fact most information on the web, such as news, articles, personal web pages, does not need to be encrypted since it is public almost by definition.

    You will find https:// used with pages that handle sensitive information that you don't want to snooped, such as banking, shopping sites etc.

    Some more info here:
    LVL 27

    Assisted Solution

    Please take a look at it explains the background quite nicely:

    https is a URI scheme which is syntactically identical to the http: scheme normally used for accessing resources using HTTP. Using an https: URL indicates that HTTP is to be used, but with a different default port and an additional encryption/authentication layer between HTTP and TCP. This system was invented by Netscape Communications Corporation to provide authentication and encrypted communication and is widely used on the Web for security-sensitive communication, such as payment transactions.

    How it works
    Strictly speaking, HTTPS is not a separate protocol...

    LVL 3

    Accepted Solution

    If you browse the internet on http:// pages, someone in between can read everything you send or receive as it is send in plain text. As most information on the internet is public, there is no reason to change this.

    However you don't want your banking-details or credit-card information to be readable by someone else. Therefore it is possible to encrypt the data so that only your computer and the webserver are able to decrypt the information send to eachother. If someone is reading the encrypted communication, s/he will only see meaningless garbage.

    You might wonder why we don't encrypt all communications and that's easy to explain. Encryption and decryption both require a lot of calculating thus it takes up some CPU-time. If you are surfing the web you probably won't notice the difference in time between encrypted and not encrypted traffic, but that is because your PC is handling only one, maybe two encrypted connections at a time. But the webserver is maintaining hundreds or thousands connections at the same time, so here encryption becomes a problem. The webserver is easily overloaded. The problem is so big, that you can buy specialized encryption-cards for webservers so that the server itself doesn't have to do the encryption anymore. Problem is that those encryption-cards are very powerfull and therefore very expensive.

    So a normal website is usually not encrypted and starts with http://, but some websites do require encryption and start with https://. The webmaster desides which pages require encryption and he will be reluctant to encrypt pages as it is more expensive.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do You Know the 4 Main Threat Actor Types?

    Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

    Suggested Solutions

    SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
    When the confidentiality and security of your data is a must, trust the highly encrypted cloud fax portfolio used by 12 million businesses worldwide, including nearly half of the Fortune 500.
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now