The address bar in browsers most often does not attract attention unless you need to follow a link copied from somewhere to the clipboard. Sometimes we look there to make sure the transition is correct, especially in cases with a quick and dishonest redirect. But if we still look, then sometimes we notice an unusual state: some kind of lock is hanging, the font color is different, and instead of the usual http: // we see https: // for some reason. Immediately and do not understand, whether it has drifted somewhere, or something in the world has changed, or the memory is failing. Let's try to figure it out.
HTTP - application transfer protocol used to retrieve information from websites.
HTTPS is an HTTP protocol extension that supports SSL and TLS encryption.
The difference between HTTP and HTTPS is already evident from the definitions. HTTPS is not an independent data transfer protocol, but HTTP with an encryption add-on. This is the key and only difference. If data is transmitted over the HTTP protocol unsecured, then HTTPS will provide cryptographic protection. This is used where authorization is responsible: on the sites of payment systems, postal services, in social networks.
If the data is not protected by SSL, then an interceptor launched at an unfortunate moment allows an attacker to use it. Technically, the implementation of HTTPS is somewhat more complicated: for this, the protected site must have a server certificate in use, which the user accepts or does not accept. Such a certificate is installed on the server that handles connections. Both the data received by the client and the data received from him are encrypted. Encryption keys are used to check if the client receives and provides them.
Another technical difference is in the ports used for HTTP and HTTPS access. The first one usually interacts with port 80, the second - with port 443. The administrator can open other ports for the same purposes, but they will never coincide.
- HTTP is a data transfer protocol directly, HTTPS is an extension of this protocol.
- HTTPS is used for encrypted communications.
- HTTPS is also used for authorization on servers that require increased attention to data security.
- HTTP works on port 80, HTTPS on port 443.