HTTP is the short form of Hyper Text Transfer Protocol – the protocol through which we see the websites on the internet. The communication is made to and from the user’s web browser to the web-server where the website’s files are hosted. The web browser requests the server for the files that the user wants to see which are sent by the server to the web-browser. Once the user’s web-browser receives the files, they are rendered onto the screen for the user to see and interact with.
Plain HTTP is insecure since the data communication made through this protocol is not encrypted. Thus, if any third party is able to intercept the communication being done between two systems via HTTP protocol, the entire content can be seen by the intermediary. This can be harmful if you are sharing usernames and passwords over the HTTP protocol.
To overcome this issue, there exists HTTPS protocol – the “S” in the end stands for “secure”. The HTTPS protocol uses something called SSL or Secure Sockets Layer which encrypts the communication that is happening between two computers (or a web-server and a web-browser). HTTP uses TCP Port 80 and HTTPS Port 443.
This SSL is ensured by the presence of an SSL Certificate from a renowned Certification Authority. This SSL certificate ensures that the web-traffic to and from the website is encrypted and also ensures that the website is an authentic one (and thus avoids phishing attacks). HTTPS also uses TLS or Transport Layer Security which provides data integrity functionality (and thus helps in preventing data modification/corruption) as well as provides authentication.
Now-a-days, all websites are making a move towards HTTPS websites due to the increase in web-attacks. Many search engines may also show HTTPS websites up in the results as compared to HTTP websites.
You should avoid using any private data (email id, passwords, usernames, credit card numbers, etc) on HTTP websites.
For Wikipedia entry on HTTP, click here.
For Wikipedia entry on HTTPS, click here.
For more posts on Internet, click here.
For more posts in The Cyber Cops project, click here.