HTTP / HTTPS

HTTP

The Hyper Text Transfer Protocol (HTTP) is an protocol (official procedure or system of rules governing the system) for distributed, collaborative, hypermedia information systems. 

HTTP is the foundation of data communication for the World Wide Web. Hypertext is structured text that uses logical links (web hyperlinks) between nodes containing text.

HTTPS

HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering.

SSL - Secure Socket Layer

SSL is the standard security technology for establishing an encrypted link between a web server and a browser. 

This link ensures that all data passed between the web server and browsers remain private and integral.

TLS - Transport Layer Security

Data sent using HTTPS is secured via Transport Layer Security protocol (TLS), which provides three key layers of protection:
  • Encryption—encrypting the exchanged data to keep it secure from eavesdroppers. That means that while the user is browsing a website, nobody can "listen" to their conversations, track their activities across multiple pages, or steal their information.
  • Data integrity—data cannot be modified or corrupted during transfer, intentionally or otherwise, without being detected.
  • Authentication—proves that your users communicate with the intended website. It protects against man-in-the-middle attacks and builds user trust, which translates into other business benefits.
HTTPS encrypts and decrypts user page requests as well as the pages that are returned by the Web server.

Watch the video below, Mythbusitng HTTPS, that addresses stories about:
  • My site's not important enough for HTTPS.
  • HTTPS will slow down my site.
  • HTTPS will cost too much money.
  • I can more my site to HTTPS, but what about the 3rd parties I depend on?