Hyper Text Transfer Protocol

When we communicate with any web server, we use protocols (a set of rules) to do so. The most common of them are HTTP (HyperText Transfer Protocol) and HTTPS (HyperText Transfer Protocol Secure). HTTP is the basic and simpler version in which anyone on the network path can see what is being transferred. HTTPS, on the other hand, uses encryption and decryption at both the client and the server, keeping the content private. This difference makes HTTPS suitable for handling sensitive information like passwords, banking details, and personal data.

HTTP

It is a standard protocol used for sending text, images, and files from the server to the browser. It is not encrypted and hence the data can be viewed by routers, ISPs, or attackers in the network, making it less secure for personal or private data like passwords or keys. It is simple to implement and hence used in scenarios where security is not a concern, like blogs, news pages, or simple info pages. It uses PORT 80 by default.

HTTPS

It is the secured version of HTTP, where the sender encrypts the data before sending it and the receiver decrypts it before using it. In this way the data stays safe and cannot be viewed or modified by anyone in the middle. It uses SSL (Secure Sockets Layer) and TLS (Transport Layer Security) to encrypt the data and verify the identity of the server using certificates. It is slightly more computationally expensive, but modern improvements like HTTP/2 and HTTP/3 make it fast enough for most applications. By default it uses PORT 443.

HTTPS is chosen over HTTP since it giver user a sense of security, protection from hackers, better search engine rankings as well as compliance with standards.