Server Name Indication (SNI) technology is an essential solution companies use to manage their various business websites. Each hostname requires a unique IP address to access. While purchasing public IP addresses is only sometimes cost-effective, and lack of IP addresses can also be a problem, SNI technology provides an effective solution.
The Role of Server Name Indication in Web Security
SNI (Server Name Indication) is a technology that allows multiple websites or hostnames to be hosted on the same public IP address without the need to acquire separate IP addresses for each host. It is an extension of the TLS protocol, which indicates to the browser at the beginning of the handshake process that the hostname is being contacted.
Be sure to read this, too.
Protecting Your IP Address Using an SSL Certificate
How SNI Technology Works in Web Security ?
To understand how SNI works, I’ll give a simple example. A server hosting multiple websites on the same IP address is like an apartment building where 10 families live together. Visitors must know the correct house number and floor to reach a specific family.
This is how SNI works—a server can host multiple TLS/SSL-enabled websites on the same public IP address. To access a specific website, the client (browser) specifies the website it wants to contact during the handshake process.
In greater detail, a server with SNI support transmits the hostname as part of the TLS handshake initiation. This helps the server direct the request to the correct website. Without SNI, a server could not resolve the client’s correct request.

The Role of Encrypted SNI in Secure Connections
ESNI (Encrypted SNI) is a technology that encrypts the SNI information sent by the client, while other Client Hello messages are in plaintext. The server publishes its public key in a known DNS record, which the client can collect before connecting. The client then adds an “Encrypted SNI” extension to the Client Hello, which encrypts the original SNI extension and is encrypted only by the server’s public key.
Since the server has the private key and the shared encryption key is passed, it can decrypt the extension and establish the connection. Since only the client and the connected server can obtain the encryption key, the SNI information is protected from third parties.
How to Configure SNI for Your Website
Enabling SNI requires different steps on different types of servers. Contact us, and we can help you allow it on your server.