CloudFlare, a San Francisco start-up that offers cloud-based optimization and online cybersecurity protection, said it plans to offer websites free encrypted HTTPS connections.
HTTPS, or Hypertext Transfer Protocol Secure, is an encrypted connection between a user's computer and website's servers that prevents hackers from stealing sensitive information, such as a Web user's login and password.
About 2 million websites, including Facebook,
But adding the security protection requires purchasing an annual certificate, and it can be complicated and costly for companies with complex websites to enable HTTPS.
Enabling HTTPS for free will be costly for CloudFlare, which will have to obtain a certificate for every website that signs up. But free HTTPS will introduce CloudFlare to more customers, some of whom may eventually sign up for one of its paid plans, which range from $20 per month to thousands of dollars per month for clients with intricate websites.
Michelle Zatlyn, CloudFlare co-founder and head of user experience, says securing more websites will make it easier for her company to defend its clients from distributed denial of service attacks, which is when a hacker uses a botnet, or a network of infected computers and Web servers, to crash a website with more traffic than it can handle.
"We provide security for a lot of big customers, and if someone runs a small blogging site or a personal website and they get compromised they can be used as part of a botnet to launch larger attacks," she said. "We care about making everyone on the Internet secure so they can no longer be used as ammunition."
The company, which is working on the technical requirements to support all the websites that they expect to sign up, plans to begin offering the free service in mid-October.