Have you ever wondered why a lock sign appears on some web pages? Also if you pay more attention to the URL (Uniform Resource Locator) of a website, you might have come across an extra “s” after the “http”. So, for instance, you see https://www.mfidie.com instead of the normal http://www.mfidie.com. This is widely and mostly seen on sites that require sensitive information from its users.
What does the “s” represent? How does it work? How do you get it on your webpage?
Worry no more. This short write up seeks to answer the questions above. Without halting my typing let’s get into it.
The additional “s” simply means that the website is secured and any data that is passed on it is encrypted on the web from the server side. An unsecured webpage is equivalent to non-encrypted data or plain-text sent back and forth. Plain-text data opens up for interceptions, eavesdropping and even stealing from unauthorized persons. The technology that powers this is called SSL, which stands for Secure Sockets Layer.
SSL is a security protocol for creating a secure link between a web server and a web browser. This link ensures that all data passing through is private and remains private. This is done in that websites which has obtained an SSL certificate from reseller (i.e. ClickSSL) of trusted Certified Authorities or directly from CA (Certificate Authority). Browsers, Operating Systems and Mobile Devices also maintain a list of CA (Certified Authority) root certificates.
The certificate uses public key cryptography and this makes use of two randomly generate keys – Public and Private to lock and unlock information on both ends of the communication. Some of these trusted Certified Authorities include Comodo, GlobalSign, GoDaddy, DigiCert and many others.
Data like bank transaction or high-level information is encrypted, making it difficult for hackers who prey on web servers to get anything useful from your inputs. You are rest assured that hitting “submit” on a website is safe.
Now here are a few tips to know if the website you are visiting is secure or otherwise.
- Within the URL of your browser you will see https:// instead of http://
- You will also notice a padlock icon and some browsers write “Secure” in addition. This can be found on the left or right side of the URL bar.
- Some websites also go an extra mile to add a badge to the webpage to indicate a secure connection.
- You can as well use an SSL-Checkers like https://www.digicert.com/help/, https://sslanalyzer.comodoca.com, https://www.sslshopper.com/ssl-checker.html, etc.
In addition, some websites would have secured their webpages but the certificate might be expired. Therefore, when you realize that a webpage is requiring too many information you can go further to check the status of their certificate.
This differs from browser to browser. A simple process for Google Chrome is to go the developer tools and navigate to security and holla you will see if the certificate is valid or expired. Let’s take extra precautions on the internet and happy browser to you.