SSL is not only important for – Piggington's Econo-Almanac

February 16, 2016 at 12:51 PM #794367

Participant

SSL is not only important for submitting data (logins, passwords, etc), it is also important to ensure that what you’re getting back from the server is unaltered. Non-SSL transmissions can be modified on the wire, which means you can’t trust what you see in your browser. For example, there was an airport a few years back that got into trouble for injecting ads into websites for people browsing on their free WiFi. This example is rather tame (annoying ads) but you can imagine injecting more nefarious things into the payload: keyloggers, re-writing forms to submit to 3rd party servers, etc. SSL prevents tampering with the raw HTML/JS/CSS that the server sends to your browser.

SSL certs are basically free now (https://helloworld.letsencrypt.org/, https://aws.amazon.com/blogs/aws/new-aws-certificate-manager-deploy-ssltls-based-apps-on-aws/) so it’s only a matter of time before SSL becomes the norm for *everything* and not just login forms/banks/etc. Google even bumps your pagerank if your site is SSL, and penalizes non-SSL sites.

Basically:

Website Design and Development by:

Green Bay Net