HTTPS Protocol has surpassed HTTP with over half of all the websites on the Internet using this updated, secure protocol. The search engine giant Google and its familiar Google Chrome browser itself helped to accelerate this process with the label “Not secure” in the address bar that shows up whenever you access a website running on HTTP. It is now vital for webmasters to know the mechanism behind HTTPS and start implementing this protocol in their website. The infographic below can quickly give you the answer to the very first basic question of: “What is HTTPS and how does it work?”

(Text outline can be found below)

what is https and how does it work cystack

> CyStack Protecting – Web Application Firewall for your Website <

What is HTTPS and how does it work? – CyStack

Why do I need HTTPS for my website?

  • Improve SEO results
  • Avoid being marked “Not secure” by Chrome browser
  • Avoid data breach
  • Increase customers’ trust when making payment
  • Benefit from HTTP/2.0 speed boost

“HTTPS = HTTP + S”

HTTP protocol

HyperText Transfer Protocol – HTTP is used in the exchange of information between the server and the client computer. It is the foundation of data communication for the World Wide Web.

SSL/TLS encryption

Secure Socket Layer – SSL is a cryptographic protocol designed to secure data communication between the server and the client computer. TLS (Transport Layer Security) is the successor of SSL v3.0 and is widely used nowadays.

What is the “SSL Handshake”?

SSL encryption is established in a process called “SSL Handshake”:

  1. Browser requests for identification from the server
  2. The server sends back its SSL/TLS certificate and its public key
  3. Browser verifies the validity of the SSL/TLS certificate, creates a session key, encrypts it using the received public key and sends it back to the server
  4. The server decrypts the session key using its private key and send back an acknowledgement (to confirm it has decrypted the session key) to start the encrypted session
  5. All data transferred between the server and the web browser is encrypted by the session key

Set up HTTPS for your website in just 5 steps with CyStack Protecting

  1. Register for an account at https://app.cystack.net
  2. Add your website and verify your website ownership
  3. Choose CyStack Protecting and click on “Activate”
  4. Choose between using CyStack’s SSL or your own SSL certificate
  5. Finish the DNS configuration process to secure your website with HTTPS and Web Application Firewall

More details on the process at: https://support.cystack.net

With information from:

https://blog.cystack.net/how-does-https-actually-work/
https://www.digicert.com/ssl/

CyStack