HTTP vs HTTPS

ยท

2 min read

HTTP:

  • HyperText Transfer Protocol (HTTP) is a protocol using which hypertext is transferred over the Web.
  • Due to its simplicity, HTTP has been the most widely used protocol for data transfer over the Web.
  • Hyper-text exchanged using HTTP goes as plain text, anyone between the browser and server can read it by monitoring the cycle. Hence using HTTP is not secure!
  • Every HTTP connection establishes a TCP (very reliable) connection between server and client. If 10 requests are made, 10 TCP requests are created.
  • Heavy, each request contains the body, HTTP methods, HTTP headers (content type, content length), host information, etc.

HTTPS:

  • HyperText Transfer Protocol Secure (HTTPS) is a secure version of HTTP.
  • It encrypts the data sent in the request so that it cannot be hacked.
  • HTTPS = HTTP + Encryption

Example:

HTTP request:

GET /hello.txt HTTP/1.1
User-Agent: curl/7.63.0 libcurl/7.63.0 OpenSSL/1.1.l zlib/1.2.11
Host: www.example.com
Accept-Language: en

HTTPS request:

t8Fw6T8UV81pQfyhDkhebbz7+oiwldr1j2gHBB3L3RFTRsQCpaSnSBZ78Vme+DpDVJPvZdZUZHpzbbcqmSW1+3xXGsERHg9YDmpYk0VVDiRvw1H5miNieJeJ/FNUjgH0BmVRWII6+T4MnDwmCMZUI/orxP3HGwYCSIvyzS3MpmmSe4iaWKCOHQ==

How does HTTPS secures the request?

  • In HTTPS, using TLS (Transport Layer Security), the HTTP request is encrypted by using two keys, one public and one private.
  • Just like an ID card confirms a person's identity, a private key confirms server identity. When a client opens a channel with an origin server, possession of the private key that matches with the public key in a website's SSL certificate proves that the server is actually the legitimate host of the website.

HTTPS advantages over HTTP:

  • Secure
  • Helps in search engine optimization (SEO)

=================

The End!

Linkedin github ๐Ÿš€โ˜๏ธ๐Ÿ–ค

ย