0

HTTPS is the secure version of HTTP, which adds encryption, authentication and integration to the HTTP protocol. It is clear why banking websites and the websites with sensitive information are running using HTTPS, but why will normal websites run over HTTPS? What the benefits the site owner will get?

Glorfindel
  • 2,235
  • 6
  • 18
  • 30
Mr.lock
  • 345
  • 5
  • 14
  • 3
    Based on this current state of the question I assume that you did not do lots of research since even a simple search about [benefit http vs. https](https://www.google.com/search?q=benefit+http+vs.+https) will give you lots of information about the advantages to use https outside of the use cases you described. I recommend that you do more research by your own first and then come back with more specific questions. If you are specifically interested why web site owners should use https you might add the keyword *SEO* to your search. – Steffen Ullrich Mar 11 '17 at 07:19
  • 1
    Also, see the many questions here about this topic, like [Why do websites use HTTPS when they don't need to?](https://security.stackexchange.com/questions/52856/why-do-websites-use-https-when-they-dont-need-to), [Should a site have SSL if it doesn't have a login form?](https://security.stackexchange.com/questions/38832/should-a-site-have-ssl-if-it-doesnt-have-a-login-form). – Steffen Ullrich Mar 11 '17 at 07:29
  • They don't care about privacy or security, don't fool yourself; it's all about SEO trends – dandavis Mar 11 '17 at 14:11

2 Answers2

4

Saying that only critical applications need HTTPS is like saying that only those e-mails containing actual secrets need to remain private.

Privacy on the Internet is a bigger picture. If most of the websites you're visiting use HTTPS, it will be significantly more difficult for an eavesdropper to synthesize a profile of you and your habits. Also, the fact that you don't consider a particular website security-relevant might not apply to someone else. Someone in an oppressive regime might be at risk just for researching a particular news topic and will benefit from any news blog that serves its content over TLS.

Privacy aside, every download over HTTP gives a man-in-the-middle the opportunity to inject their own malicious content. A seemingly harmless download of a Word or PDF document could be silently replaced by malware. Then it won't matter that you downloaded it from a small site that seemed too unimportant to use HTTPS.

Especially with free certificate providers like Let's Encrypt, rolling out HTTPS even on small websites should be a no-brainer. You're contributing to a safer Internet where encryption hopefully soon becomes the norm.

Arminius
  • 43,922
  • 13
  • 140
  • 136
0

Using https means the information that is shared between the server and the client is encrypted. This means the that even if a hacker sees that information by sniffing it, the information remains non-readable to the hacker. Most information we share in internet is sensitive in one manner or the other. You may not realise it, but hackers and other marketing companies keep collecting information about you (sensitive or not).

This said, any user visiting a website will have a peace of mind when they see that the website they are using https. SSL certificates are relatively cheap and in return they provide a sense of trust to the visitors.

Consider yourself running a small shop with no big cash transactions. But still you will want your customers to trust you. Only then your business will flourish. This is is why even websites with 0 sensitive information use https. It also helps in SEO (Search Engine Optimisation).

wishchaser
  • 175
  • 1
  • 1
  • 8