What does wwws mean?
Solution 1:
tl;dr;
The www
and wwws
prefixes don't affect the browser's choice of HTTP or HTTPS protocol.
A few organisations use wwws.
to suggest that HTTPS is supported and arrange redirection so that users don't have to type the https://
protocol specifier.
Currently, few organisations think this is worthwhile. There is a trend to drop prefixes like www.
.
In (a little) more detail
What does [wwws] mean?
Nothing. It is only a convention.
The prefix www
is non-functional, it has no effect on the protocol used. However I believe Tim Berners-Lee, the father of the World-Wide-Web, used it as a naming convention to indicate an HTTP server (i.e. a World Wide Web server). This helped to distinguish the server name from servers for other information-sharing protocols. E.g. some corporations had servers named ftp.example.com
, www.example.com
, mail.example.com
(or maybe even gopher.example.com
and wais.example.com
). These prefixes were convenient for network administrators who wished to be able to locate these different services on separate servers. Nowadays other means of doing this have arisen. It is arguable the hostname prefixes were not convenient to end users. Most web browsers have tried to remove this burden from users by automatically adding http://www.
and .com
when the user enters single word attempts at a URL.
What is it used for?
To suggest that the server may support privacy of data in transit and certification of server identity.
A few people have taken to using wwws
as a naming convention for HTTPS servers, i.e. servers that support HTTP over Secure-Sockets-Layer (SSL).
Since the name has no effect on protocols, you can run a HTTPS service on a server named example.com
or foo.example.com
or anything else.
The proponents of the wwws
convention say that wwws
is shorter and easier to type than https://
and they can therefore configure their servers to redirect a HTTP request for a wwws
hostname to an HTTPS URL as a convenience for users who explicitly want to use HTTPS instead of HTTP but who find typing https://
too much of a chore.
There are other ways to provide links to a secure version of a site. Most business that need security (shops, banks) will automatically redirect users to HTTPS pages without requiring users to type a special prefix to the hostname.
Why do only a handful of sites use it?
Since it has no functional purpose, almost nobody finds it a useful convention. The trend is to drop these prefixes (e.g. look above: superuser.com instead of www.superuser.com).
Try visiting these URLs:
- http://www.superuser.com
- https://www.superuser.com
Then check which URL shows up in the address bar of your browser.
Solution 2:
wwws
and www
are subdomains. They have no special meaning to a browser, other than the fact that they are part of a larger domain.
http://
, ftp://
, and https://
are examples of protocols, which do have special meaning and function.
Solution 3:
First of all, we need to distinguish between a protocol and a domain name. http:// and https:// denote protocols. The latter indicates that traffic should be encrypted using SSL, but otherwise is still just http://. This is important for certain parts of a web site. Any time you sign in to a web site, for example, you really ought to see https:// as the protocol(really: schema) portion of the url. Even any request that might send back cookies should probably use this (hint: that's almost all web browsing you do).
On the other hand, www and wwws are just parts of a domain name. They have no bearing on security at all.
That out of the way, there is a relatively recent convention to provision the wwws name such that the base page redirects requests for http://wwws.example.com to https://www.example.com. The reason for this is convenience. Users will often type a name like www.example.com
into their browser address bar. If they explicitly wanted the secure page, they would have to type https://www.example.com
into the address bar. Many site administrators want to encourage (but not force) this choice to use the secure page, and so configuring wwws
to work this way simply provides a shortcut to make finding the secure page that much easier.
However, this is still not that common, and even when it is there's nothing that forces a site with the wwws to be encrypted (https:// just plain won't work if the encryption isn't there. wwws still would.), and so you should still check that a wwws page has the expected protocol.
Solution 4:
http://no-www.org/index.php has some information about what the www prefix is and why its a little silly in this day and age.