🏠 HomeSecurityBasics

🔐 Security Basics

Learn about firewalls, VPNs, HTTPS and the core concepts that keep systems and data safe.

🔍

⚠️ Threats & Attacks

DDoS, phishing, malware and social engineering.

→ 6 questions
🛡️ Firewalls
Q1What is a firewall?Beginner

A firewall is a network security device (hardware or software) that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

It acts as a barrier between a trusted internal network and untrusted external networks (like the internet). It decides what traffic to allow or block.

  • Packet filtering — inspects each packet's IP/port and allows or denies it
  • Stateful inspection — tracks active connections and makes smarter decisions
  • Application layer — understands specific apps (e.g. HTTP, FTP) for deeper inspection
💡 Your home router has a built-in firewall. Most operating systems (Windows, macOS, Linux) also include a software firewall.
Q2What is the difference between a hardware and software firewall?Intermediate

A hardware firewall is a dedicated physical device placed between your network and the internet. It protects all devices on the network. Used by businesses and enterprises.

A software firewall is a program installed on a single computer. It only protects that one device. Examples: Windows Defender Firewall, UFW on Linux.

⚠️ Best practice is to use both — a hardware firewall at the network edge and a software firewall on each individual machine (defence in depth).
🔒 HTTPS & Encryption
Q3What is the difference between HTTP and HTTPS?Beginner

HTTP (HyperText Transfer Protocol) transfers data between browser and server in plain text — anyone intercepting the connection can read it.

HTTPS (HTTP Secure) adds a layer of encryption using TLS (Transport Layer Security). Data is encrypted in transit so it cannot be read by eavesdroppers.

  • HTTPS uses port 443; HTTP uses port 80
  • HTTPS requires an SSL/TLS certificate installed on the server
  • The padlock icon 🔒 in your browser means HTTPS is active
💡 Google penalises non-HTTPS sites in search rankings. Free certificates are available via Let's Encrypt.
Q4What is an SSL/TLS certificate?Beginner

An SSL/TLS certificate is a digital certificate that authenticates a website's identity and enables encrypted connections. It proves that the website is who it claims to be.

When you visit an HTTPS site, your browser and the server perform a "TLS handshake" — they agree on encryption keys without sending them in the open. All subsequent traffic is encrypted.

💡 Most hosting providers offer free SSL certificates via Let's Encrypt, often installable with one click from your cPanel or hosting dashboard.
🌐 VPN
Q5What is a VPN?Beginner

A VPN (Virtual Private Network) creates an encrypted tunnel between your device and a VPN server. All your internet traffic routes through this tunnel, hiding your activity from your ISP, hackers on public Wi-Fi, and websites.

Common uses:

  • Securing traffic on public Wi-Fi (cafes, airports)
  • Remote workers securely accessing company networks
  • Bypassing geo-restrictions on content
  • Masking your real IP address from websites
⚠️ A VPN does not make you completely anonymous online — the VPN provider can still see your traffic. Choose a reputable provider with a no-logs policy.