Skip to content
Help Center

What is TLS and how does it protect web connections?

TLS (Transport Layer Security): what it is, what it's for, and how it relates to security within a hosting service.

Quick summary

  • What it is: TLS (Transport Layer Security) is the standard cryptographic protocol that protects communications between a client (browser, email client) and a server.
  • What it's for: it helps protect the website, email, access and service reputation.
  • When to check it: when activating certificates, reviewing access, analyzing threats or wanting to reduce risks on your site.

TLS (Transport Layer Security) is the standard cryptographic protocol that protects communications between a client (browser, email client) and a server. It is the successor and evolution of the SSL protocol, although in practice many users still use the name "SSL" to refer to TLS.

What does TLS protect?

TLS guarantees three things in every communication:

  • Confidentiality: Data travels encrypted and cannot be read by third parties who intercept the traffic.
  • Integrity: Data has not been modified during transit.
  • Authentication: Confirms that you are connecting to the correct server and not a fake one (thanks to the SSL/TLS certificate).

TLS and SSL: are they the same?

SSL (Secure Sockets Layer) was the original protocol, designed in the 90s. TLS is its direct successor and is designed to be more secure. SSL versions are obsolete and discouraged. Today, when someone says they have "SSL" activated, they are actually using TLS 1.2 or TLS 1.3.

The current recommended version is TLS 1.3, although TLS 1.2 is still widely compatible.

Where do you encounter TLS?

TLS appears in multiple hosting and email contexts:

  • HTTPS on the web: The padlock you see in the browser indicates the connection uses TLS.
  • Email client configuration: When setting up an email account in Outlook, Thunderbird or on mobile, you will see options such as "SSL/TLS" or "STARTTLS" to secure the connection to the mail server.
  • Hosting control panel: When installing or renewing an SSL certificate, you are actually activating TLS on your domain.
  • SFTP and SSH: Although they use SSH (not TLS directly), the idea of connection encryption is the same.

STARTTLS vs SSL/TLS in email

In email configuration you may find two encryption options:

  • SSL/TLS: The connection starts encrypted from the first moment. Common ports: 993 (IMAP), 465 (SMTP).
  • STARTTLS: The connection starts unencrypted and then "upgrades" to encrypted. Common ports: 143 (IMAP), 587 (SMTP).

Both options are secure if properly configured. SSL/TLS is the preferred option in most cases.

Why it matters in hosting

Understanding this concept will help you make better decisions when managing your service. In practice, it relates to protecting the website, email, access and service reputation. If it appears in a guide, the control panel or a support response, review the context before making changes.

Related articles

  • SSL Certificate
  • AutoSSL
  • Firewall
  • Malware
  • Phishing