Chrome made a major change in one of its recent versions; it now blocks HTTP websites. When users visit a website that is still on HTTP, Chrome blocks it and tells users it’s not secure. Websites that are using HTTPS though are given a clean bill of health. This begs the question as to what HTTP is, and why HTTPS is preferred over it.
HTTP vs HTTPS
HTTP stands for Hypertext Transfer Protocol. It’s used to send information between two systems and is most commonly used between a web server and an end user computer.
HTTPS stands for Hypertext Transfer Protocol Secure. It too is used to send information between systems but securely so. The secure part is why Chrome allows these websites to load but blocks the ones still using HTTP.
HTTPS wasn’t always around. In the very early days of the internet, HTTP was all web developers had to work with. This protocol was developed in 1965 and HTTPS only came along in 1994. That’s almost three decades of HTTP being the only transfer protocol there was. For a long time though, it didn’t matter much. The internet as we know it today didn’t exist. It wasn’t widely available and accessible by everyone because personal devices, and even internet connections were expensive and hard to gain access to.
It wasn’t just internet penetration rates that negated the need for having a more secure way to send and receive information between two systems. It also had to do with the nature of information that was sent. With the spread of email via universities, there was a genuine need for the information that was sent to be secure. The internet continued to mature and with the arrival of eCommerce banks began to integrate their payments methods with online stores. Information had to be sent securely and there had to be a way to do it.
HTTPS, SSL, And TSL
HTTPS initially used the Secure Socket Layer protocol to safely transmit data. SSL was developed for this very purpose. Initially, it was used by online eCommerce websites and payment gateways like Paypal however today an unsecure website can be used to inject malware in your browser, and even spread it to your system which is why websites are moving to HTTPS.
It’s also worth mentioning that Secure Socket Layer itself has evolved since it was first developed. It’s been replaced by Transport Layer Security (TLS). TLS provides a much better level of security and protects privacy. Today, the need for security isn’t just to keep sensitive information from being stolen but also against being tracked which is why the security protocol had to be updated.
Identify HTTPS And HTTP Websites
If you use Chrome and visit an HTTP website, it simply won’t let you visit it. You will have the option to ignore the warning but that warning is the surest sign that the website doesn’t use HTTPS.
If you use a different browser, one that doesn’t automatically block HTTP websites, you can still easily identify if a website is on HTTP or HTTPS. To check, look at the address bar. You will see two major markers that tell you a website is secure.
- A green padlock icon and the word Secure appear just before the URL.
- The URL begins with https:// and not http://