In the fast-paced world of today, people want to get things done fast! Take, for example, your own Internet usage patterns: when opening a website, do you type its entire URL (e.g., www.scienceabc.com), or just the first couple letters and let the browser suggestions pop up and save you the effort of typing the entire thing?
Exactly, a lot of people do that (including myself), but while keying in the URL of a website, have you noticed a rather interesting thing that happens in the address bar? Even if you don’t enter it, either the prefix ‘http://’ or ‘https://’ gets added to the URL automatically!
Some websites have ‘http://’, while others have ‘https://’. Have you noticed which prefix our website uses? Go ahead, take a look at the URL of the current page. You’ll see that it says ‘https://’ prefix.
Is there a difference between HTTP and HTTPS? Why do some websites use one and some use the other? Let’s find out!
What is HTTP?
HTTP stands for Hyper Text Transport Protocol; it’s basically a protocol that allows people surfing the World Wide Web (www) to transfer information in the form of text, image, video, audio and other such files. In other words, you can say that HTTP is a set of rules that defines how browsers respond to various commands that you give it (e.g., logging onto a website by typing its URL in the address bar) and determines how digital information is exchanged.
What is HTTPS?
The ‘S’ added to the end of HTTP signifies ‘security’. Therefore, you can say that Hyper Text Transfer Protocol Security is just a secure version of HTTP. The popularity of HTTPS has increased manifold in the last decade, thanks to the mammoth increase in people’s awareness regarding the privacy of their Internet usage and information exchange. That’s the reason why you see a lot more websites using HTTPS instead of HTTP. Browsers like Firefox, Chrome and Internet Explorer show a padlock icon in the address bar to indicate whether a website’s HTTPS security is active.
HTTP versus HTTPS
This is the most obvious difference between the two: an HTTP page’s URL starts with ‘http://’, whereas an HTTPS page begins with ‘https:/’.
How They Work
In computer terminology, your browser is referred to as the client and the computer where the information request is stored is the server. Therefore, when you key in the URL of a website in the address bar and press Enter, the client requests information from the server by using HTTP by default. Once the server receives the request, it responds back to the client and the result is the page that you see opened up in your browser. This process is blazing fast, which is the reason there’s almost no detectable lag between the time you press Enter and the time the webpage opens up… if you pay for good enough Internet speed, that is.
The basic functioning of HTTPS is similar to HTTP, but it involves a few extra tools to make the information exchange secure. In addition to HTTP, it uses SSL and TSL protocols. These protocols ensure that no one apart from the client and server can hack into their communication externally. This sort of protection relies on SSL certificates to encrypt the information exchange. You can think of SSL certificates as documents that contain a computer owner’s Public Keys.
Using your computer’s Private and Public keys, the SSL certificates used in HTTPS ensure that your communication with the server remains secure and shielded against snooping.
A ‘port’ is basically a communication channel that determines what the server ‘expects’ to receive from the client. Different functions over the Internet use different ports; for example, sending and receiving emails is done through the SMTP on Port 25, while file transfers are done through the FTP (File Transfer Protocol) on Port 21. In the same way, HTTP most commonly uses Port 80 for communication, while HTTPS uses Port 443.
HTTPS uses encryption, as a result of the SSL/TSL certificates, whereas there’s no encryption of information in HTTP.
From an end user’s perspective, this is the one point that really makes them stand apart. An HTTPS connection is secured, meaning that it uses an encrypted connection by transport-layer security, guaranteeing that no one can retrieve your sensitive details or know what you’re looking for. An HTTP connection, on the other hand, is an unencrypted connection that can easily be intercepted by third parties.
To conclude, if you’re casually browsing the Internet, i.e. checking out funny memes and adorable cat videos, you won’t spot any difference in your surfing experience. However, if a web page asks you to enter your bank account number, address, or other personal details, it would be a good idea to take a quick look at the URL and check if that ‘S’ is guarding your privacy!
- HTTPS – Wikipedia
- Hypertext Transfer Protocol – Wikipedia
- Boston University Education
- Carnegie Mellon University – School of computer science