It's not necessary, but it is recommended. Keep in mind that when you are accepting authentication methods (password) over a non-secure transmission (http), it is possible to obtain passwords and the like by other people. https encrypts this traffic to ensure even if someone obtains the traffic, it is next to impossible to decipher what that information is.
To enable https, means to enable ssl/tls on the webserver. Doing so will be as the other person mentioned, consulting your webserver documentation. You will also need a certificate which can be sel generating using various tools, or by obtaining one through a licensed certificate authority.
Hope this helps!
Hi there,
Is there any simple way of instead using http using https.
I was in doubt with ssl/tls is it necessary to use https ?
Thanks in advanced.