About https secure website
HTTPS stands for Hypertext Transfer Protocol Secure. It is an adaptation and a secure version of HTTP that is Hypertext Transfer Protocol and https secure the website. It is widely used on the internet for a secure communication over computer network. It means that the communications between your browser and the website are encrypted. It contains layers of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) encryption on top of it. The main aim of HTTPS is a secure communication over internet and protection of exchanged data. It protects against man in middle attacks. It helps in securing highly sensitive transactions like online banking and even online shopping methods. The following image shown below explains how HTTPS is different from HTTP and how does it work. With encryption provided under https the hacker will not be able to decode the message you sent to the other person. So, it keeps your data secured.
Before getting into its security measures we need to know how it works. Here, the TLS and SSL uses an asymmetric Public Key Infrastructure (PKI) system. The system uses two keys to encrypt communications i.e. public key and private key. Here the private key is kept completely protected and accessible only by the owner of the private key. Anything encrypted with the public key is decrypted by private key and vice-versa. The public key is given to anybody who wants and needs to decrypt information encrypted with private key.
Now talking about the security provided by HTTPS. When you request HTTPS connection to a web page the website will initially provide you with SSL certificate to your browser. This certificate is signed by trusted certificate authority. This certificate contains public key required for your security. This certificate is used to authenticate the server and sometimes the client as well. Therefore this certificates are necessary to verify the relation between the certificate and its owner. Now the main question arises that whether https secure website or not. The following points prove that it secures our website.
How HTTPS Different from HTTP?
We know that https is an extension of http. HTTP is not encrypted and vulnerable to man in the middle and eavesdropping attacks as discussed above. This can lead to attackers gain access to any of your sensitive information like credit card details or bank account details. They can also modify webpage to inject malware or advertisements. HTTPS is designed to withstand such attacks and considered to be secure against them.
It contains layers of SSL and TLS for security purposes. Everything in https messages is encrypted including the headers and the request or response load. This layers of security confirms that the communications taking place via internet is safe.
The above points proves that HTTPS secures your website and It will helps you protect your information against any unauthorized person.