Register now or log in to join your professional community.
years ago I would have agreed with the other answers that HTTPS is unnecessary for most web sites. Today, I'm no longer convinced it's optional.
The cost of HTTPS are also minimal for each web connection.
The benefits far outweigh the costs in the modern computing environment on the Internet.
HTTPS is secure (SSL) version of HTTP Protocol. Main purpose of HTTPS is used to secure the data communication from Sniffers.
However, it is not a good practice to implement it with every website, because if a website is public and do not require any authentication then, there is no need to attach an additional encryption/decryption overhead to the data communication process.
Also, it is good (not mandatory) if the website Security Certificate is required to be signed by an Trusted signing authority.
Now-a-days, almost every website is using HTTPS for the user/session specific webpages and HTTP for the public pages.
Therefore, If someone is not using HTTPS accordingly, then it must not have awareness about the circumstances.
Only secure website use https
Not all websites require security features like encryption.
Also it adds cost for buying a SSL certificate to run a website on https.
However, SSL certfificates are getting cheaper nowadays
HTTPS( the SSL) adds latency which means a slower connection but surely secure.
just the HTTPS connection means a much slower world than todays technology.
SSL connection costs an extra buck compared to the normal HTTP & it doesnt support the virtual hosts.
hence considering the impact of HTTPS, many general websites still use HTTP connection for a faster browsing experience with minimal outage & less cost.
I would say not everyone can afford the SSL as one have to buy a dedicated IP to host the SSL certificate and it costs lot for those who are just running small level websites.
However now hope within few coming years people will tend to get the SSL due to Google latest release of giving priority to HTTPS sites over HTTP.
The most common type of SSL certificate requires that each Web site has a dedicated IP address. Shared hosting allows many sites on a single IP address; if we were to have every site on its own IP address we'd soon run out, assuming we don't switch to IPv6 which has its own problems. There are ways around this, but they're not universally supported in all browsers.
Because of the difference between the sites - social - educational - entertainment - Chat
Not all websites required to provide an additional security for their own sites.
Some of them are not sensitive contents.