HTTPS

Hypertext Transfer Protocol Secure

HTTPS mitigates the simplicity of a MitM attack that can occur on HTTP. This is because all communications are sent encrypted.

HTTPS is the mainstream for all websites and HTTP is being phased out.

HTTPS Overview

Check out the difference between a login request between HTTP and HTTPS

In HTTP the login credentials are clearly visible. Not so much with HTTPS.

One caveat of HTTPS is that if the request goes through an unencrypted DNS then the site visited may still be visible. This can be mitigated by using an encrypted DNS (ex: 8.8.8.8, 1.2.3.4) or use a VPN. This way you can be sure all traffic is encrypted.

PreviouscURL NextHTTPS Flow

Last updated 3 years ago