Wikipedia To Use HTTP And HSTS Security To Stop Governments Censorship


Wikipedia has announced they are in the process of implementing HTTPS by default to all its traffic. According to the company, this is not new to the site because in fact since 2011, users could access to Wikipedia manually. In addition since 2013, those users who log in to the site were by default re-routed to use HTTPS so as to keep their usernames and passwords secure.

If you don’t know what HTTPS is, it is that protocol that creates an encrypted connection between your computer and the site you are browsing on so that to boost security. It is a popular deployment in the internet which protects against attacks “in between” the user (client) and the server. These attacks could be incidences like eavesdropping or tampering with information being shared between the client and the server.

Initially, HTTPS were used by websites which dealt with payment transactions, email and in corporate systems where sensitive information can be shared. This is how the URL will look like by default if you login to the site:

Wikipedia also announced that they will also use HSTS (HTTP Strict Transport Security) which protects against efforts to break the HTTPS security measures so that users can be able to share information more securely. The company believes this sort of encryption is necessary because governments can easily monitor sensitive information which could lead to disciplinary action of those citizens, accounts could be hacked, page censoring and information like passwords could be revealed.

The company revealed it was not easy to migrate to HTTPS as default because they needed to update their servers and code. Also, they have been calibrating the backend HTTPS system while considering the various devices users access the site to , so as to prevent negative impacts related to user experience like slow page load times.

Wikipedia expects to complete these final steps of transition to HTTPS in the next couple of weeks.

Source: Wikimedia Blog