为什么不为所有东西使用HTTPS？ [英] Why not use HTTPS for everything?

问题描述

如果我正在设置服务器并拥有SSL证书，为什么我不会在整个网站上使用HTTPS而不仅仅是购买/登录？我认为加密整个网站并完全保护用户会更有意义。它可以防止诸如确定必须保护的内容之类的问题，因为一切都会对用户造成不便。

If I was setting up a server, and had the SSL certificate(s), why wouldn't I use HTTPS for the entire site instead of just for purchases/logins? I would think it would make more sense just to encrypt the entire site, and protect the user entirely. It would prevent problems such as deciding what has to be secured because everything would be, and it's not really an inconvenience to the user.

如果我已经在使用HTTPS网站的一部分，为什么我不想在整个网站上使用它？

If I was already using an HTTPS for part of the site, why wouldn't I want to use it for the entire site?

这是一个相关的问题：为什么https仅用于登录？，但答案并不令人满意。答案假设您无法将https应用于整个网站。

This is a related question: Why is https only used for login?, but the answers are not satisfactory. The answers assume you've not been able to apply https to the entire site.

推荐答案

我可以想到几个原因。

I can think of a couple reasons.

• 某些浏览器可能不支持SSL。


• SSL可能会稍微降低性能。如果用户正在下载大型公共文件，则每次加密这些文件可能会有系统负担。

这篇关于为什么不为所有东西使用HTTPS？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！