BytesOfProgress

Wiki


HTTP / HTTPS

HTTP

HTTP, or HyperText Transfer Protocol allows web browsers and servers to communicate on the internet. It runs on Port 80/TCP, or alternatively 8080. It's like a set of rules that helps them understand each other. When you type a website address into your browser and press Enter, your browser sends an HTTP request to the server where that website is stored.

The HTTP request comprises various components, including the method (like GET or POST) and headers conveying additional information. This request is analogous to asking the server for specific resources, such as a web page or an image. The server then processes this request and sends back an HTTP response.

The response contains a status code indicating the success or failure of the request and the requested resource, if successful. Additionally, it includes headers with metadata and, in the case of web pages, the HTML content. The content can consist of text, images, scripts, or any other resources needed to render the webpage.

HTTP operates on a client-server model, where the browser acts as the client, and the server hosts and delivers the requested content. It is a stateless protocol, meaning each request from a client to a server is independent and not influenced by previous requests. To maintain state or session information, technologies like cookies are used.

HTTPS

Over the years, HTTP has evolved, and its secure variant, HTTPS, runs on port 443 or alternatively 4443. HTTPS, or HyperText Transfer Protocol Secure, is an extension of HTTP designed to provide secure communication over a the internet. The "S" stands for secure, and HTTPS uses encryption to protect the data exchanged between the user's browser and the website's server.

HTTPS uses SSL (Secure Sockets Layer) or TLS (Transport Layer Security), protocols to encrypt the data in transit. This encryption ensures that even if someone intercepts the communication, they won't be able to decipher the data without the appropriate decryption key.

HTTPS provides data integrity, ensuring that the data sent between the user and the server remains unaltered during transmission. This is achieved through cryptographic hash functions that generate unique fingerprints for the data.

HTTPS is a way to verify the identity of the website. When you connect to a website using HTTPS, the server presents a digital certificate, which is issued by a trusted Certificate Authority (CA). This certificate verifies that the website is legitimate and establishing a secure connection.

Browsers typically indicate a secure connection by displaying a lock icon in the address bar or by changing the URL to start with "https://" instead of "http://". This helps users trust that their interactions with the website are secure.

Search engines like Google consider HTTPS as a ranking factor. Websites using HTTPS are likely to rank higher in search results, motivating website owners to use secure connections.

HTTPS is crucial for securing sensitive transactions, such as online banking, shop purchases, and data submissions. Without HTTPS, information like login credentials, credit card details, and personal data could be vulnerable to interception.




back