Difference between HTTP and HTTPS
Whenever we are browsing on internet we observe that, URL of websites start with either HTTP or HTTPS. So what does this indicate? In this blog I will try to give a brief explanation of this.
So First of all we will discuss what is the exact meaning of HTTP and HTTPS.
HTTP:-
HTTP stands for Hypertext Transfer Protocol. It is a protocol which allows the fetching of resources, such as HTML documents. It is most commonly used to transfer data from a web server to a browser in order to allow users to view web pages. HTTP clients generally use Transmission Control Protocol (TCP) connections to communicate with servers. HTTP is less secure than HTTPS.
HTTPS:-
Hypertext transfer protocol secure (HTTPS) is the secure version of HTTP, which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer. These websites contain sensitive data like bank account login, or some personal data. HTTPS is more secure than HTTP. Following figure shows a HTTPS website.
Why HTTPS is more secure than HTTP?
So the main reason behind that is- In HTTP requests and responses are sent in plaintext, which means it is not protected anyone can read the text. So here data is not secure. HTTPS corrects this problem by using TLS/SSL encryption.
What is SSL? SSL stands for secure sockets layer. Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client ,typically a web server. SSL allows sensitive information such as credit card numbers, bank account credentials to be transmitted securely.
What is TLS? TLS stands for Transport Layer Security. TLS helps provide data integrity, which helps prevent the transfer of data from being modified or corrupted . TLS evolved from a previous encryption protocol called Secure Sockets Layer (SSL).Sometimes these terms are used interchangeably.
The figure 1.3 shows how a hacker can see the password in HTTP but cannot see the password in HTTPS as it is encrypted. So this makes HTTPS more secure than HTTP. HTTP can also be used for websites which may not contain any sensitive data.
