HTTP vs HTTPS

Terms and Definition: Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, it uses the the Secure Sockets Layer (SSL) protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS stands for ‘Secure’. It means all communications between your browser and the website are encrypted. An “SSL certificate” is necessary to create an SSL connection.

Website forms and other places you enter information into, should always use these security measures. If you ever see a scary message like, “There’s a problem with the websites security certificate” or “This connection is untrusted” do not enter secure information!

Browsers are advising to always use the secure protocol and are increasingly showing these scary messages, even if there is no information exchange through a form. For this reason, most of our websites now always use the secure protocol.

What you should know:

  • If the page is using the secure protocol all content included or embedded on the page, like images or iFrames, must be perceived by the browser to be secure.
    • For internal content, such as images, use a relative link.
    • For embedded content, like iFrames,  “protocol relative” (remove the http or https from the source code path, ex. src=””//www.youtube.com”)
  • If you are logged in and copy a URL to share, make sure to test it in a browser where you are not logged in to makes sure your audience will see the content as expected. If not, you may need to add or remove the “s” from the path before you share it.
  • Never enter secure information into a website that is not using the secure protocol or loads a scary message.