What Is The Difference Between http and https?

/ Security /

Hyper Text Transfer Protocol (HTTP) – The set of rules for transferring files (text, graphic images, sound, video, and other multimedia files) on the internet.

Hyper Text Transfer Protocol Secure (HTTPS) – The secure version of HTTP, the protocol encrypted data connection between your browser and the website that you are connected to.

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser.

Scenario 1: Helen signs into http://example.com to check her email. Without a secure link, the hacker can see Helen’s password.

Scenario 2: Carol signs into https://example.com to check her email. With a secure link, the hacker only sees Helen encrypted password.

Some common question about SSL:

What is the different of single, multi-domain, or wildcard certificate SSL?

Single = cert only valid for 1 hostname. For example, if you apply a cert for abc.domain.com, only abc.domain.com will have valid SSL cert connection, domain.com or other subdomains like efg.domain.com will not work.

Multi-domain = you can apply for multiple hostname without domain restriction. You can apply the cert for domainA.com & abc.domainB.com.

Wildcart = cert will valid for any subdomain (unlimited) for 1 single domain only. Cert will be valid for abc.domainA.com, efg.domainA.com but it will not work for abc.domainB.com

What is the web standard for security?
2048-Bit SSL Certificates

What is the different of Facebook and Maybank SSL?

SSL certificate without showing green bar notice in a browser. Facebook is a domain-level validation certificate, which is the basic certificate. The certificate does not require additional supporting documents for approval, the registration process is fast and easy.

SSL certificate with showing green bar notice in a browser. Maybank SSL are using extended validation certificate, the certificate is much more expensive than normal certificate and it’s required to submit business documents for validation. It takes longer time for the certificate verification & approval.

What is the cost to install SSL certificate in Malaysia?
Currently, Serverfreak have a promotion for a single hostname Comodo Positive SSL package (domain-level validation cert) which is RM75/year + RM45 one-time setup fee. The normal price is RM150/year + RM95 one-time setup fee. For wildcard cert, it is RM350/year + RM45 one-time setup fee.

Are you looking for a free SSL certificate for your website?
CloudFlare enabling SSL by default for all their customers, even those who sign up a free plan.

Why the https padlock showing not secure sign?

It could be due to an expire certificate, server misconfiguration or the clock on user PC is not up to date.

Why the https padlock showing yellow mark?

Your connection to example.com is encrypted. However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page.

This error usually due to a website content contains both secure and insecure content, e.g. https://example.com contain non-secure image path http://example.com/image/test.png. Webmaster must change the entire website path to https://