HTTP vs HTTPS

H

HTTP is the short form of Hyper Text Transfer Protocol – the protocol through which we see the websites on the internet. The communication is made to and from the user’s web browser to the web-server where the website’s files are hosted. The web browser requests the server for the files that the user wants to see which are sent by the server to the web-browser. Once the user’s web-browser receives the files, they are rendered onto the screen for the user to see and interact with.

Plain HTTP is insecure since the data communication made through this protocol is not encrypted. Thus, if any third party is able to intercept the communication being done between two systems via HTTP protocol, the entire content can be seen by the intermediary. This can be harmful if you are sharing usernames and passwords over the HTTP protocol.

HTTP vs HTTPS
The green icon means the website is using HTTPS and is secure. The red icon means the website is not secure and uses unencrypted communication.

To overcome this issue, there exists HTTPS protocol – the “S” in the end stands for “secure”. The HTTPS protocol uses something called SSL or Secure Sockets Layer which encrypts the communication that is happening between two computers (or a web-server and a web-browser). HTTP uses TCP Port 80 and HTTPS Port 443.

This SSL is ensured by the presence of an SSL Certificate from a renowned Certification Authority. This SSL certificate ensures that the web-traffic to and from the website is encrypted and also ensures that the website is an authentic one (and thus avoids phishing attacks). HTTPS also uses TLS or Transport Layer Security which provides data integrity functionality (and thus helps in preventing data modification/corruption) as well as provides authentication.

Now-a-days, all websites are making a move towards HTTPS websites due to the increase in web-attacks. Many search engines may also show HTTPS websites up in the results as compared to HTTP websites.

You should avoid using any private data (email id, passwords, usernames, credit card numbers, etc) on HTTP websites.

For Wikipedia entry on HTTP, click here.

For Wikipedia entry on HTTPS, click here.

For more posts on Internet, click here.

For more posts in The Cyber Cops project, click here.

Add Comment

Leave a Reply

The Cyber Cops Logo

About “The Cyber Cops”

Please see About page for more on The Cyber Cops project.

In case you have any suggestions, please do get in touch through by emailing me at aman@thecybercops.net or amandeep.89@ips.gov.in

All content is copyright material. For using it, please contact on the email address mentioned above – the policy is quite liberal for allowing the use of content from this website. Some of the content is taken from Wikipedia. If content has been sourced from another website, it has been mentioned on the relevant page itself. This project shows its gratitude towards the Wikipedia Project.