What is the difference between HTTP and HTTPS Protocols | HTTP vs HTTPS

The difference between HTTP and HTTPS Protocols

To know the difference between http and https protocols, let us first understand how the browser works. We all know to get some information/website; we type the required web address/url in the search field of the browser window, and obtain the necessary webpages/website. https protocolWhen the text is inserted in the search field of the browser window and when the user clicks the enter button of the keyboards, the browser window automatically adds few tags before the site name. This is either “http:// or https:// “… The colon ‘:” indicates the end of the http portion and ‘//’ (two forward slashes) emphasis on the need to lookout for the information on the other computer than the one that you are using to find the details. Now, the word ‘http’ is abbreviated form of ‘hyper text transfer protocol’. Http defines a set of rules and standards to be followed over the networks and uses TCP/IP (Communication protocols), not mandatory though, for transmission of data over the internet. It’s a protocol of world wide web (www) which understands the client request for hyper text documents of a site and tries to deliver/display the desired results from its web server (A place where the pages of the website resides) to the client browser window. It is also termed as stateless protocol as there is no record of the request sent i.e. if a user sends a request for a information via selecting a link, a connection is made between the requesting computer and the computer which would send the required information, and once the information is send, the connection is dropped. However the protocol can be made stateful by using cookies, hidden fields to record the transactions between the client browser and the server.


A major drawback with ‘http’ is, it is not well protected i.e. anyone can comfortably hack the information between the networks and manipulate it. This situation threw a challenge to many users who wanted to maintain privacy over the data on the net. The ‘https’ addressed the issue and the ‘s’ was added to http which denotes ‘security’. The https (Stateless though) was introduced by Netscape. A secured protocol, through its ‘Secured Sockets Layer’ (SSL) or Transport Layer Security (TLS) encrypts and decrypts and also locks the information/data on the internet. This protocol is being used for online banking, e-commerce applications and now the major social networking websites (Twitter, facebook etc) to protect its users’ information.


The https transaction related websites can be easily recognized through a padlock icon visible in any browser window https padlock iconand also by observing the URL where the site address usually starts with ‘https’.  In order to host an https site, one needs to have SSL certificate (Such as VeriSign), especially for online shopping, a proof that any banking information or a password related transaction cannot be accessed by the third party, a unique IP address to authenticate the certificate, and of course a SSL compatible web server.


How https works

Suppose you want to open a new account with facebook. There would be a new signup form with ‘https’ in the beginning of the URL. This is to secure the information (In the form of username, password, and other particulars) that you would send to the facebook server. The https would secure the data by encrypting the information while it is traveling from the client browser to the web server. The acknowledgement of the receipt from the web server to the browser would also be in an encrypted form and would be decrypted by your browser’s https security layers.


Summary of the Difference between http protocol and https protocols
http protocol https protocol

The url starts with http:// and its communication port is 80.

The url starts with https:// and its default port is 443.

Normal transmission of information between the web server and the client browser.

Encrypts the information to be transmitted between the client browser and the web server and vice versa.

A protocol for data viewing between the networks.

A grouping of two protocols namely HTTP and SSL/ TLS protocol.

A non-secured protocol An http protocol but with security.

Information related websites uses this protocol.

Banking websites, Online shopping websites with payment gateway, emails, and social networking sites uses this protocol.

SSL certificate not required

SSL certificate essential in case of online shopping