Adding an s to the http to make it secure is interesting. It’s tempting to see what will happen when you try it. But even when it works, I have some concerns.
Become a Patron of Ask Leo! and go ad-free!
Adding the s
Normally, adding an s to http just won’t work. Http and https are two completely different kinds of connections and require two different sets of support from the web server. Https requires additional things like a secure certificate that actually confirms that you’re connecting to who you think you’re connecting to – and supports the encryption of your data that happens between your computer and that site.
For example, if you add an s to http://askleo.com, it’s not going to work; I didn’t set up https://askleo.com as a secure website.
In situations like yours, where the site just magically works after adding an s, I sometimes get concerned.
Signs of concern
It could be fine. If the site is ultimately going to use https, they may have left the plain http working. It’s a duplication of effort, but I can see it happening.
Still, they could have set their site up so that the switch from http to an https secure site is not only required, but automatic and transparent to you. If https is available, why aren’t they directing users to it? If they’re not doing it when they can, will they do it when they should? And what else might they be missing?
I’m fairly confident that you’re not stumbling into some malicious or fake site, but you might be hitting a site that doesn’t quite have all of its security ducks in a row.
As always, my advice is to be careful.