Shulou(Shulou.com)06/01 Report--

Citic ssl certificate

1. The HTTP page will be marked "unsafe"

When users visit the site, no one wants a red alert on the browser, but if your site uses HTTP links to transmit data, the red alert will become the norm.

In the past, browsers did not have any tags for unsafe HTTP pages, but HTTPS pages with some unsafe factors displayed security warnings, which made people think that HTTPS pages with unsafe factors were not as secure as HTTP pages, which was very wrong. Google and Firefox will further optimize their logos to distinguish between HTTP unsecured connections and HTTPS secure connections. Google Chrome will give a red cross to all HTTP sites, and users will experience this new feature in Chrome 48 or some older versions; Firefox will warn pages that "submit passwords using non-HTTPS" starting with Firefox developer version 46.

2. HTTP/2 protocol only supports HTTPS encrypted connections.

All major browsers only support the HTTP/2 protocol that securely connects using the TLS1.2 protocol. Chrome, Firefox, Safari, Opera, IE, and Edge all require HTTPS encrypted connections to use the HTTP/2 protocol. This is another positive driver for website owners.

3. HTTPS encryption makes the website faster!

First of all, the emphasis on speed is because the performance of a website is usually directly linked to indicators such as the transformation of visitor sales and the impact of page loading time on revenue. This is a very, very widely documented issue, and there are many large websites and tools that can show how HTTPS is becoming faster.

4. HTTPS encryption prevents traffic hijacking of intermediaries.

When your website transmits web content through HTTP connection, any transmission node such as WiFi node, operator, router and so on can hijack, tamper, maliciously inject and so on, such as the advertisement pop-up window that you are used to. Many people are numb to this and think that traffic hijacking will not cause any loss, but the server using HTTP unsafe connection is actually leaving a back door for * * to inject any malicious content into your web page, such as a theft number * *, to steal website data or target your end users in a variety of ways that you are not aware of. HTTPS encryption can effectively prevent traffic hijacking, especially the station-wide HTTPS encryption, encapsulating all traffic encrypted transmission, so that there is no opportunity for the middleman.

5. HTTPS encryption improves search ranking

Google announced as early as 2014 that it would use HTTPS encryption as an important factor affecting search rankings and give priority to indexing HTTPS pages. Baidu also announced that it is open to include https sites, and the http version and https version of the same domain name are the same site, giving priority to the https version. Baidu officials also said that the website HTTPS encryption will not have a negative impact on traffic. Under the advocacy and practice of the search engine giant, we can foresee that HTTPS encryption will have more and more influence in the future.

6. Both iOS and Android require HTTPS encryption

Both Apple's iOS's App Transport Security and Google's Android's usesCleartextTraffic manifest attribute push mobile APP to communicate using HTTPS encrypted connections by default. Apple iOS forces APP to use HTTPS encrypted connections, and the requirements are very strict, including only using TLS1.2 protocol, must use RSA2048 bit or ECC256 bit public key algorithm and SHA256 signature algorithm and so on. If your content or API interface needs to be used on mobile APP, you must use HTTPS encrypted connection as required.

7. Super permission application forbids HTTP connection

Google Chrome security team announced that access to browser-specific features using insecure connections will be banned, such as geolocation applications, application caching, access to user media, etc.

Using an insecure HTTP connection to access and send user location information may lead to the leakage of user information. Ensuring that this kind of super privilege functions use HTTPS secure connection is an important step in using these functions. If you have recently used some of these features and want to continue to use them on your site, you must make these pages use HTTPS encrypted connections.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.