VPN Over Https – You Need A VPN Even If Https Connections Are Secure

vpn over http

Most websites are rolling out HTTPS support since it is said to have become one of the many ranking signals used by Google. Of course, this could change any time as the case of Google ranking signals. But this is a different topic altogether. Here, we are going to talk about HTTPS and VPN and why HTTPS does not seem to be enough to protect you.

At first glance, we know that HTTPS means that you have a secure connection. There shouldn’t be any problem then. But still, privacy advocates advice the use of a VPN or Virtual Private Network despite connecting to a website that uses HTTPS. Online privacy is a serious matter. Read our article to know what could happen if we take this matter lightly.

Why is HTTPS not enough then? This article will answer these questions and more. Let us first define HTTPS and VPN separately in order to arrive at the answers.


VPN over Https-01

Hypertext Transfer Protocol Secure or HTTPS is a web transfer protocol which is a modified version of HTTP. The extra “S” at the end is an added layer of security which makes use of SSL or Secure Socket Layer.

What does this actually mean? Well, HTTPS provides encryption between you and the server of the website you are accessing, the one that’s using HTTPS. Technically, this encrypts traffic over port 443, but majority of web traffic is over at port 80 (HTTP) which remains unsecure.

Take for example websites owned by large companies such as Amazon and eBay. It uses HTTPS right from the landing page, and the same for the rest of its web pages. However, it is a different story for other, much smaller websites – like your local bike shop or cake supplier. With these smaller sites, you will be on port 80 (HTTP) most of the time, up until you’re ready to checkout. That’s only the time when you are directed to port 443 (HTTPS).

If someone was spying on you, he will know what you were buying, but he won’t necessarily see the bank details you entered upon checkout. But if he hacked into your system while you were on the unsecured port 80, then he can very well see everything you typed and clicked from that point on.

The verdict:

HTTPS provide some level of protection. However, there is still a risk that somebody can get into your system and see everything you do. This is because not all websites use HTTPS on all its web pages. Mostly, they only redirect you to HTTPS when you checkout.

Virtual Private Network

VPN over Https-02

A Virtual Private Network rides on a physical network to provide a secure connection between you and any server you are communicating to. Every data packet being sent between you and the website’s server is heavily encrypted, making it impossible for anyone to see what you were doing. It doesn’t even matter if the website you’re visiting uses HTTPS or HTTPS. The VPN secures all data regardless of the port you’re on.

If someone spies on you, they may know that you are using a VPN (that is, with the right tools). Your ISP or employer, for example, may see that you are on a virtual private network because they may have the tools to do this. However, they won’t see anything beyond that.

Another major feature or functionality of a VPN is that it hides your IP address. A spy that’s on the same network as you – let’s say in a coffee shop, for example – will see a different IP address but cannot trace it back to you. This is because when you connect to a VPN, you will be asked to connect to a server of your choice. If you are physically in New York, you can select a server that’s located in San Francisco or even Europe. Your IP address will automatically reflect the location of the selected server.

This functionality also triggers the ability of a VPN to bypass geographic restrictions such that when you select a server located in the UK, you will automatically have access to contents that are supposedly for people in the UK only. This comes in handy for people who are fond of watching high quality movies, TV shows, and videos.

Applications that are otherwise restricted in a country can also be accessed with the use of a VPN.

The verdict:

A VPN provides a complete and inclusive protection for your online activities. The type of connection, whether HTTP or HTTPS, will not even matter as long as you are connected to a VPN.  Also, applications that you use on the device where you installed the VPN, will be protected as well.

A VPN even works better when installed directly on your router. This way, all devices that connect to your network will be protected by the VPN. Users can access any website comfortably and securely.

To Wrap Up

Indeed, you need a VPN even though HTTPS connections are secure, this is because HTTPS only provide some level of protection. There will be a point in your browsing when you’re inevitably connected to the unsecured HTTP, and this tiny gap is enough for anyone to hack into. Once someone gets in to your system, there will be no stopping them.

The use of a VPN, on the other hand, will give you a holistic type of security. Everything from your device to the website or application you are accessing will be encrypted, making it impossible for anyone to see your activities.

Aside from security and privacy, a VPN also allows you to bypass geographical restrictions, and browse the internet at your own pace.

It is important to add also that not all VPN providers are advocates of privacy. Why do we say this? There are VPN providers who log your activities. They can actually sell these to advertisers, or disclose these to anyone who will request such data. Therefore, choose a provider with zero logging. This way, all your activities and information remain private and secure at all times.

The final verdict: Always prefer to use a VPN over HTTPS all the time and anywhere.