/start: old fart tought…

Just forget about HTTP. It's unencrypted, which means that anybody over the network can sniff and look at what you are browsing. It's insecure which means that bad people can get in the middle and feed you malicious contents without your knowing.

HTTPS is encrypted and cannot be cached by intermediate proxies, and while it depends on certificates, nowadays it's easy and free to obtain them and the overall process is autmated too.

In other words: there is no need to keep using HTTP, switch over to HTTPS on all services. There is one place where HTTP still make sense, and is internally on your server between the actual service

/end …old fart tought.

+ reverse proxy etc