HSTS, or HTTP Strict Transport security header(Strict-Transport-Security) is set on your domain, a browser will do all requests to your site over https from then onwards. In case when a hacker is redirecting this user to a fake domain.com, the browser remembers to use SSL because of the HSTS, so requests the secure site.
Browser needs to visit your site first to see this header, this will be active only after the first visit.
You can set SSL certificate on your domain, anyone can still use your site over http. The simplest solution is to add a redirect to your site and forces it over SSL. But user is open to attacks when the hackers directs the request to a site pretending to be non secured domain.
If the SSL certificate gets flagged as invalid by the browser, the data exchanged between you and the website you’re trying to connect to will be transferred in cleartext. Potentially, any user credentials or other sensitive data communicated over the channel can be sniffed or stolen. It is always recommended not to proceed over an insecure connection.
The user’s visiting your website will lose trust due to a lack of perceivable credibility.
Some users might be convinced that you are hosting a malicious website and would choose to steer clear even after the issue gets fixed.
Adversely impacts business and brings down the reputation especially if you are not a known player experiencing a temporary technical glitch.
How to Get it freely?
If you have website which is using wordpress then you an use below plugin to get the free SSL certification and install it make the website from http to https. Click here to get it freely.
The intention behind having an SSL/TLS certificate was not just for authentication but also to establish the identity of the remote server with whom the client browser communicates.
SSL /TLS protocol to ensure that data travels securely over the wire. Encrypting data in transit helps to prevent any malicious user from sniffing the network to steal sensitive information like passwords, credit card details, etc.
SSL or Secure Sockets Layer and TLS (Transport Layer Security) are cryptographic protocols designed to provide a secure communication channel between clients and servers over the internet. TLS is the relatively newer version when compared to SSL, SSL is the older encryption protocol.
Yes My Career Start With struts FrameWork. From last two Year my career changed to ATG FrameWork. The ATG FrameWork is Art Technology Group FrameWork. This the Oldest FrameWork in the web. It is used mainly for E-commerce Purpose.
It has all the end to end in-build features.
When i changed to ATG FrameWork. It required great deal of Training and learning, Since it was very vast in nature. I got so many help in getting the knowledge and finally got certified in Oracle Web Commerce 11.