what is difference between http and https?
Have you noticed that there are two types of homepage URLs starting with http: // and starting with https: //. It is only a difference whether “http” has a small “s” or not, but by correctly understanding what this implies, you can reduce the risk of you being at risk of Internet fraud.
HTTP (Hyper Text Transfer Protocol) and HTTPS (Hypertext Transfer Protocol Secure) are rules on what communication means to use when viewing the homepage. If the beginning of the URL is “https: //”, the communication content will be encrypted. You start communicating with “http: //” without encrypting it.
Impact on SEO
Google announces that “always-on SSL” will affect SEO measures. Always SSL is a security technique that converts all pages of a Web site into HTTPS (SSL/TLS encryption). In 2014, The fact that Google mentioned using HTTPS as a ranking signal as mentioned below made it clear that it would be given preferential treatment at SEO.
The flow of switching from HTTP to HTTPS
- Change external loading URL
- Acquisition / Installation of SSL certificate
- Change the URL of uploaded media
- Change website URL
- Redirect from ‘HTTP’ to ‘HTTPS’
- Just to be sure, checking ‘Mixed content’ again
- Register Google Search Console (Google Search Console)
- Change the setting of Google Analytics (Google Analytics)
What are SSL and TLS?
SSL is an abbreviation for Secure Sockets Layer, it keeps the Internet connection secure, protects all confidential information transmitted between the two systems. The SSL certificate is installed on the server side, but it is visually displayed on the browser so that the user can be told that it is protected by SSL. It is one of the electronic certificates and acts as a role like a seal stamp certificate for the server. The certificate authority issues a certificate that associates the public key (encryption key) used for encryption of SSL communication, the common name (FQDN), and the owner information of the domain with the certificate authority. The issued SSL server certificate is installed on the Web server or mail server.
TLS (Transport Layer Security) is a successor protocol that strengthens the security of SSL. The function of TLS is authentication to verify that the communication partner is authentic, prevention of eavesdropping by third parties, detection of tampering of messages. The TLS server validation component provides authentication of the server to the client. If configured to request client-side certificates, TLS also serves as client authentication for the server.
Flow to SSL Encrypted Communication
SSL encrypted communication is started between the Web server and Web browser with the following flow.
- Agreement of SSL Encryption Algorithm (SSL encryption specification negotiation) – Determine the safest SSL encryption specification that both the Web browser and Web server can use.
- SSL Server Certificate Presentation – The Web server sends the SSL server certificate to the Web browser. The Web browser checks the received SSL server certificate.
- Generate Original Data & Generate A Common Key – The Web browser creates data that is the source of the common key, encrypts it with the public key of the SSL server certificate, and sends it to the Web server. Both use the same original data and generate a common key (they produce exactly the same thing).
- SSL Encrypted Communication Start – After that, SSL encrypted communication of actual data is started.
Advantages of using HTTPS
- Eavesdropping, packet tampering, prevention of impersonation
- Encryption of information including a cookie
- Reliability of the site increases
- Higher security for users
- Evaluation of search engine goes up
The integrity of data guaranteed