Web servers use HTTP by default, which is a clear text protocol. As the name suggests, a clear text protocol does not apply any form of encryption on the transit data. While the HTTP-based web server is very easy to set up, it has a major drawback in terms of security. Any “man-in-the-middle” is able to see the content of the transit packets with carefully placed packet sniffers. Taking the vulnerability one step further, a malicious user can even set up an impostor server in the transit path, which then pretends to be the actual destination web server. In this case, end users may actually communicate with the impostor server instead of the real destination server.