Http vs. Https: What is the difference?

DavidLux

Active member
Registered
Joined
Nov 6, 2012
Messages
67
Points
0
Hello webmasters,

Can you show me pros and cons of Http vs. Https ? I know https is more secure but why it is then I didn't know.

If possible, plz show me what is the difference between Http vs. Https?

Thanks
David
 

JRichar

New member
Registered
Joined
Jan 18, 2014
Messages
4
Points
0
As a quick look of this comparison;
HTTPS protocol uses SSL, Secured layer. so your data is crypted before sending. If anybody tries to read the data, they will see crypto.
 

mido

Member
Registered
Joined
Mar 5, 2015
Messages
22
Points
0
Now when Google is ranking HTTPS slightly better it is a good idea to get a SSL cert for your sites. It is not that expensive either nowdays.
 

Hawker

Well-known member
Registered
Joined
Dec 22, 2015
Messages
287
Points
0
Hawker
https only accounts for about 1% of your overall SEO score as considered by Google. Getting an SSL certificate for your site is no way a guarantee that Google will rank your site higher because of it. You have to get the other 99% of your SEO score up for that to happen. It's like having an an XML sitemap, just one part of your on-page SEO. You still need great content, usability and structure.

Having an SSL cert on your site can install confidence in your sites users/buyers.

Anything shared/transmitted on that site or from that site is securely encoded so that nobody can see/sniff that data.

But does your site need an SSL?

Not all sites need them. Example; wallpaper sites, or sites that don't require the transmission of any sensitive, private data like names, addresses, credit/debit card, bank details etc.

However, if your site provides login ability, and transmits any of these kinds of sensitive information, payment info etc, then your site definitely needs an SSL certificate.

It's just the standard thing today.

But you might not necessarily want to use SSL all over your site.

You can offer your browsers/readers/visitors the http version of your site.

Then have it switch automatically to using SSL (https) for those that signup/login/checkout etc.
 

MightWeb

Well-known member
Registered
Joined
Mar 9, 2015
Messages
126
Points
0
Basically, whilst slightly slower, SSL will add a layer of security on any transmissions to and from your web server to your visitor. It's essential for any e-commerce website, where transactions are made, for example. There are also several layers of SSL, where some provide a stronger encryption than others. When offering credit card payment through a website (for example), you'll want an SSL certificate with extended validation - as these are stronger cryptos for one, and also ensures your visitor they are dealing with the actual company, as these certificates are not handed out without authorization by the certificate authority.

That's a long story short - but the main point is that it's a good thing to have your website using HTTPS, and it makes life a tad bit more difficult for evil-doers. You can secure a domain with SSL for about $10'ish per year nowadays (and soon free, once Let's Encrypt is launched).
 

ElixantTechnology

Well-known member
Registered
Joined
Nov 26, 2014
Messages
281
Points
43
ElixantTechnology
I just looked into Let's Encrypt, and I don't think in my opinion that it would be a viable solution. From what I can tell, Mozilla is the only browser that would trust the certificates, which really limits things. I may be wrong of course.

Anybody can generate a certificate using OpenSSL, however, what you actually pay for is the signing authority that has partnered with browsers, software companies and payment processors to provide a level of trust. Sure, a $10 certificate will provide some security, however $150 a year for an EV-SSL will show a huge amount more trust with not only customers, but once again, your payment processors. Personally (and I am not the only person), I don't trust websites that use domain validated certificates. Anybody can get them, no verification of the business being valid and registered. Also, PCI compliance is another big thing in the eCommerce world.
 

lawrencegordon

Member
Registered
Joined
Mar 4, 2015
Messages
23
Points
0
lawrencegordon
Perhaps, because of this G loved sites that having SSL, it makes more trustworthy than sites without SSL but I don't see more diffidence when checking on search resutls for sites SSL and non SSL.
 

MrGravyCakes

Active member
Registered
Joined
May 7, 2015
Messages
75
Points
0
These websites secure your data. It is important to check when you are making a purchase that the site is HTTPS, so that you know that you are on a site with SSL and it will protect your data.
 

merapata

Member
Registered
Joined
Feb 15, 2016
Messages
30
Points
0
(HTTP) HyperText Transfer Protocol
(HTTPS) HyperText Transfer Protocol Secure

Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. This keeps your information safe from hackers.

For This you need to install SSL in your server for your Domain

SSL encrypts the connection between your computer and users/Google/Any Search Engine. This helps prevent others, like Internet cafes, Internet Service Providers, and Wi-Fi hotspots, from seeing users activity, login, and any other activity and important information.

There is most and latest Update that encourage you to use SSL is Google Starts Giving A Ranking Boost To Secure HTTPS/SSL Sites. More detail you can google..

Cheers
 

EpicGlobalWeb

Well-known member
Registered
Joined
Jan 24, 2016
Messages
180
Points
0
SSL stripping can still be done and although it's a good idea to secure your site by adding layers like this, its better to secure it in the scripting itself. SSL is only a slight security advantage and any one actually interested in hacking your site knows the best method of security is a strong password and 256 bit encryption.

Encryption like MD5 for example is pretty weak and there are automated programs which can easily brute force or dictionary attack these.

SQL injection is one other method which can bypass SSL security. So your main benefit is a marginal SEO bump and keeping the script kiddies at bay. It also gives your customers a sense of trust with their visual green bar and lock.
 

macklong

Active member
Registered
Joined
Jun 17, 2016
Messages
67
Points
0
SSL and without SSL is the diff... Basically.

You may say all SSL websites data and cookie transfers are secure and encrypted. But it's only good and applicable if you protecting any private data..

I see some sites like free wallpaper downloads using SSL. I mean if it's free any you don't have any log in system why ssl then? Sometimes Big size of Wallpapers aren't download because of SSL security. It's bad and sometimes worst to work with :(
 

Marc A

Well-known member
Registered
Joined
Jun 14, 2016
Messages
125
Points
18
https is more secure then http. Basically it lol.
 

VirtuBox

Well-known member
Registered
Joined
May 3, 2016
Messages
1,622
Points
83
HTTPS is also faster than http now with the http2 and all the protocols like ALPN or SPDY.

And if you can use http2 without https, most of new network protocol will not work. As Google said, new websites should have https, even if they don't store any personal data.
 

Marc A

Well-known member
Registered
Joined
Jun 14, 2016
Messages
125
Points
18
Really? :eek: Nice, I use https for my website I don't notice any speed difference though, ?
 

VirtuBox

Well-known member
Registered
Joined
May 3, 2016
Messages
1,622
Points
83
It will be faster only if your web server support http2. And for each browser there are differents specs.

For example to get a website faster for chrome, your server have to be compatible with the ALPN protocol.
 

Luxin Host

Well-known member
Registered
Joined
Jun 26, 2016
Messages
543
Points
43
@DavidLux

I see alot of great answers above which are mostly related to what SSL is.
Ill try to give a brief explanation of what security it brings.
With out SSL or HTTPS you are sending traffic as plain text which is exposed to anyone using the same network as your client or to people who have placed malware on your user's computer.
However with SSL you can have military grade encryption protecting your user's data or essentially your own reputation.

these days SSL is very affordable and is even offered for free by companies such s cloud flare.

Also in addition as I just remembered to mention. HTTPS is now being counted as a good SEO advantage which can boost your rankings.
 

Nixtree

Well-known member
Registered
Joined
Jul 16, 2016
Messages
133
Points
28
Secure Connection

HTTPS is secure http connection, it uses SSL certificate to encrypt the connection between the server and the end user. Now a days SSL is cheap and it can be easily installed in a server with control panel.

Https also increase some google ranking. Last year Google officially announced that switching your website over to HTTPS will give you a minor ranking boost.
 

skyphost

New member
Registered
Joined
Jul 17, 2016
Messages
4
Points
0
skyphost
In addition, if you plan on running a ecommerce site or anything that requires personal data to be entered, SSL is a absolute must so the user information will be encrypted. Otherwise, anyone can obtain everything entered right over the internet.
 

Chris Worner

Well-known member
Registered
Joined
Apr 15, 2016
Messages
612
Points
28
HTTPS is secure http connection, it uses SSL certificate to encrypt the connection between the server and the end user. Now a days SSL is cheap and it can be easily installed in a server with control panel.

Https also increase some google ranking. Last year Google officially announced that switching your website over to HTTPS will give you a minor ranking boost.
I am also caring about switch my sites to https because some people said it affected to google search rankings, but I did some researches some sites non-ssl are still getting good rankings on search results.
Otherwise, anyone can obtain everything entered right over the internet.
How anyone can obtain everything entered on browsers for any sites without SSL?
 

Nixtree

Well-known member
Registered
Joined
Jul 16, 2016
Messages
133
Points
28
Man in the Middle (MITM) Attack

As I suggested, switching over to HTTPS will give you a minor ranking boost.

Regarding the Man in middle attack, If you signup on a site without SSL, the details from the sign up forms are transmitted in plain-text and an unscrupulous individual could "sniff" the HTTP traffic and ascertain my login and password. Just google for "Man in the Middle (MITM) Attack" for getting more information about it.
 

instacarma

Member
Registered
Joined
May 11, 2017
Messages
25
Points
0
Hello webmasters,

Can you show me pros and cons of Http vs. Https ? I know https is more secure but why it is then I didn't know.

If possible, plz show me what is the difference between Http vs. Https?

Thanks
David
The HyperText Transfer Protocol is an application layer protocol, which means it focuses on how information is presented to the user of the computer but doesn't care a whit about how data gets from Point A to Point B. It is stateless, which means it doesn't attempt to remember anything about the previous Web session. This is great because there is less data to send, and that means speed. And HTTP operates on Transmission Control Protocol (TCP) Port 80 by default, meaning your computer must send and receive data through this port to use HTTP. Not just any old port will do.

Secure HyperText Transfer Protocol (HTTPS) is for all practical purposes HTTP. The chief distinction is that it uses TCP Port 443 by default, so HTTP and HTTPS are two separate communications. HTTPS works in conjunction with another protocol, Secure Sockets Layer (SSL), to transport data safely. Remember, HTTP and HTTPS don't care how the data gets to its destination. In contrast, SSL doesn't care what the data looks like. People often use the terms HTTPS and SSL interchangeably, but this isn't accurate. HTTPS is secure because it uses SSL to move data.
 
Older Threads
Replies
32
Views
11,240
Replies
4
Views
3,486
Replies
0
Views
5,413
Latest Threads
Recommended Threads
Similar Threads

Latest Hosting OffersNew Reviews

Sponsors

Tag Cloud

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

Top