Data that requires protection is usually transmitted between browser and server in encrypted form, and the HTTPS protocol is used for this purpose. It is based on the SSL encryption method. The data is only readable by the two end points of an HTTPS connection; intermediaries in the transmission cannot "see" the transmitted information at all. Nevertheless, this encrypted data could itself represent an attack, so it is essential for a protective instance such as a web application firewall to terminate the SSL protocol. This gives it access to the data transmitted from the browser, so attacks can be detected and warded off in this way. Safe transmissions are re-encrypted as necessary and forwarded to the server.