A security warning when accessing a site through IP
It's because you generally create a TLS Certificate for an hostname, not an IP. Changing IP addresses is trivial, changing domains are not that common.
If you open the site in Firefox using IP, you will see this message:
66.33.204.254 uses an invalid security certificate.
The certificate is only valid for the following names:
schneier.com, www.schneier.com
Opening 216.58.211.14 (Google) will give the same message.
The error indicates that you have reached a site that cannot prove it owns the address that you entered in the address bar.
Imagine this. You visit https://www.google.com
. You check the certificate for the connection and discover that it was actually issued to www.DeathToAmerica.ru
. This is a strong indication that your browser hasn't actually reached google.com. Instead, your communications have been intercepted in what is known as a Man in the Middle(MitM) Attack. Your communications are still encrypted, but they are being sent to (and decrypted by) an unknown entity.
To protect against this, your browser will automatically check the address that you entered against the certificate. Whenever they do not match, it will display the error that you are seeing.
Since you entered 66.33.204.254
but the certificate was issued to www.schneier.com
you will get the error. This indicates that the site you have reached cannot prove that it owns 66.33.204.254
.
Generally speaking, a CA will not issue a cert for an IP address. If you need to access a site that is not in DNS, and you must use https, and you don't want to see that error, I suggest you use a host entry.