WHAT IS A SECURE URL?
Before we get into the specifics of why you shouldn’t be utilizing websites that aren’t secure, let’s look at how a URL is built. For example, let us take the link to this page: "https://www.kcstech.com/cyber-safety/secure-websites", how does this link exactly work?
Simple URL Breakdown
Scheme: At the beginning of the URL you’ll find the scheme, this will either be one of two protocols HTTPS or HTTP (unsecured version). This scheme indicates what the browser must use to request the recourses.
Domain Name: This part of the URL is most important, the domain name indicated to the browser to which Web server you’re requesting. Usually, this is a name like ‘kcstech.com’ or it could also be an IP address. The browser converts the name ‘kcstech.com’ into the IP address for our server.
Path: The path is telling the browser which exact files you’re looking for on the Web server of the website you are browsing.
Popular browsers like Google Chrome are labeling all HTTP traffic as “not secure”, which makes it easy for you the consumer of the internet more aware of the websites you’re visiting. But what makes an HTTPS website more secure over HTTP? Websites with the HTTPS Scheme are more secure because of something called SSL. SSL is a certificate that is hosted on the Web Server, and it’s encrypting the connection between you and the Web server.
To learn more about SSL Certificates, visit the CLOUDFLARE page that goes into more detail.
So now you know what makes up a simple URL like the one that brings you to this page, but what else do you need to know when browsing the internet, and ensure you’re on a secure website?
HOW TO FIND OUT IF A WEBSITE IS SECURE?
1) Analyze the URL
The most important and the first thing you should check when visiting a website is the URL, as mentioned above the website you’re visiting must have a secure connection. An SSL Certificate is what makes the HTTPS show up as the URL Scheme but getting this secure connection between you and the Web server isn’t too complicated for a savvy attacker.
What’s also important is the Domain Name, make sure that the domain name is correct. Some companies choose to buy some common misspelling of their domain name and reroute that traffic to the correct domain server. But business-like Netflix, Apple, or Google will never operate under the improper correctly spelled domain name.
When shopping online you want to make sure that the website that you are visiting and transacting on has the HTTPS connection, because that SSL certification encrypts the data that’s being transferred. This encryption will allow for a secure transfer of payment information to the business’s payment processor.
2) Using a security tool to evaluate the site
Modern-day anti-virus software includes a website analyzing tool that will check the security of the websites before visiting the sites, and while you’re using the website. You can learn more about why to use an anti-virus program here
Another tool that tracks websites to ensure safe browsing, would be Google Safe Browsing. This tool provides a Transparency Report that shows you whether the tool has been determined to be dangerous, and for what reason.
3) Check it’s up to date
A website that hasn’t been updated in a while could have vulnerabilities. Depending on how the website has been developed could have plugins or snippets of code that are open to attacks or malware. If a website looks like it hasn’t been updated in a long time, proceed with caution, it’s better to skip a purchase than to let your personal information end up in the wrong hands.
Websites developed on WordPress have a big issue with staying up-to-date, the biggest issue with these websites? They're vulnerable due to themes and plugins. That’s why it’s important to check websites are running as they should and aren’t broken or outdated.
4) Who owns the site?
You can easily find out who owns that website and verify the identity of who is behind said website, this cool search tool is Domain Name Registration Data Lookup. You can locate figure out who is behind the website using Whois data.
Using these four easy steps to ensure that a website is what it says it is, you’ll be able to navigate through the internet with peace of mind, knowing that you know how to tell if a website is secure, and if you can trust your connection is secured from any prying eyes that aren’t you and the host. Here are some other points to remember when using the internet.
- Use a Credit Card vs. Debit Card
- Avoid sharing too much personal data
- Don’t share passwords
- Avoid Scam Popups (if it sounds too good, it isn’t true)
- Look into possibly using a VPN
- Incognito Mode when you don’t want to browse and cookies to track you
- Don’t click on links that you’re not sure of
- Ensure the payment processor used by a website is secure
There are many more things that you can do during your travels of the world wide web, but if you follow this post, you’ll be on your way to using a secure connection while on the internet and making sure that you stay away from unsecured sources.