HTTPS

The IpForensics API supports HTTP and HTTPS protocols. Although HTTP is kept for legacy reasons, we recommend calling all endpoints with HTTPS to ensure privacy, security and best performances.

Please also note that data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three key layers of protection:

1. Authentication — proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.

2. Encryption — encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can "listen" to their conversations, track their activities across multiple pages, or steal their information.

3. Data integrity — data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.

For security reasons, you need to use at least TLS 1.2 to communicate with the IpForensics API in a secure way. Certificate generation is currently managed by Cloudflare. The cipher suites supported depending on the versions of TLS are described on the next page:

Cipher suites · Cloudflare SSL/TLS docsCipher suites · Cloudflare SSL/TLS docs