Man-in-the-middle (MITM)
A man-in-the-middle attack is when someone secretly intercepts or alters communication between two parties.
Security~1 min read
In plain English
When someone secretly sits between you and the site you’re talking to, reading or changing the data. HTTPS and HSTS help prevent this.
In a man-in-the-middle (MITM) attack, an attacker positions themselves between the user and the service (e.g. on the same Wi‑Fi or via DNS) to read or modify traffic. Unencrypted HTTP is vulnerable; HTTPS encrypts data so the attacker cannot read it.
HSTS and using HTTPS everywhere reduce the risk of MITM. Our SSL and header tools help you confirm sites use secure connections.