Http vs. Https: What is the difference?

DavidLux · Dec 29, 2013

Hello webmasters,

Can you show me pros and cons of Http vs. Https ? I know https is more secure but why it is then I didn't know.

If possible, plz show me what is the difference between Http vs. Https?

Thanks
David

JRichar · Jan 18, 2014

As a quick look of this comparison;
HTTPS protocol uses SSL, Secured layer. so your data is crypted before sending. If anybody tries to read the data, they will see crypto.

mido · Mar 5, 2015

Now when Google is ranking HTTPS slightly better it is a good idea to get a SSL cert for your sites. It is not that expensive either nowdays.

MightWeb · Mar 9, 2015

Basically, whilst slightly slower, SSL will add a layer of security on any transmissions to and from your web server to your visitor. It's essential for any e-commerce website, where transactions are made, for example. There are also several layers of SSL, where some provide a stronger encryption than others. When offering credit card payment through a website (for example), you'll want an SSL certificate with extended validation - as these are stronger cryptos for one, and also ensures your visitor they are dealing with the actual company, as these certificates are not handed out without authorization by the certificate authority.

That's a long story short - but the main point is that it's a good thing to have your website using HTTPS, and it makes life a tad bit more difficult for evil-doers. You can secure a domain with SSL for about $10'ish per year nowadays (and soon free, once Let's Encrypt is launched).

MrGravyCakes · May 14, 2015

These websites secure your data. It is important to check when you are making a purchase that the site is HTTPS, so that you know that you are on a site with SSL and it will protect your data.

merapata · Feb 17, 2016

(HTTP) HyperText Transfer Protocol
(HTTPS) HyperText Transfer Protocol Secure
Using HTTPS, the computers agree on a "code" between them, and then they scramble the messages using that "code" so that no one in between can read them. This keeps your information safe from hackers.

For This you need to install SSL in your server for your Domain

SSL encrypts the connection between your computer and users/Google/Any Search Engine. This helps prevent others, like Internet cafes, Internet Service Providers, and Wi-Fi hotspots, from seeing users activity, login, and any other activity and important information.

There is most and latest Update that encourage you to use SSL is Google Starts Giving A Ranking Boost To Secure HTTPS/SSL Sites. More detail you can google..

Cheers

EpicGlobalWeb · Feb 17, 2016

SSL stripping can still be done and although it's a good idea to secure your site by adding layers like this, its better to secure it in the scripting itself. SSL is only a slight security advantage and any one actually interested in hacking your site knows the best method of security is a strong password and 256 bit encryption.

Encryption like MD5 for example is pretty weak and there are automated programs which can easily brute force or dictionary attack these.

SQL injection is one other method which can bypass SSL security. So your main benefit is a marginal SEO bump and keeping the script kiddies at bay. It also gives your customers a sense of trust with their visual green bar and lock.

macklong · Jun 20, 2016

SSL and without SSL is the diff... Basically.

You may say all SSL websites data and cookie transfers are secure and encrypted. But it's only good and applicable if you protecting any private data..

I see some sites like free wallpaper downloads using SSL. I mean if it's free any you don't have any log in system why ssl then? Sometimes Big size of Wallpapers aren't download because of SSL security. It's bad and sometimes worst to work with

Marc A · Jun 20, 2016

https is more secure then http. Basically it lol.

VirtuBox · Jun 20, 2016

HTTPS is also faster than http now with the http2 and all the protocols like ALPN or SPDY.

And if you can use http2 without https, most of new network protocol will not work. As Google said, new websites should have https, even if they don't store any personal data.

Marc A · Jun 20, 2016

Really?

Nice, I use https for my website I don't notice any speed difference though, ?

VirtuBox · Jun 20, 2016

It will be faster only if your web server support http2. And for each browser there are differents specs.

For example to get a website faster for chrome, your server have to be compatible with the ALPN protocol.

Luxin Host · Jun 26, 2016

@DavidLux

I see alot of great answers above which are mostly related to what SSL is.
Ill try to give a brief explanation of what security it brings.
With out SSL or HTTPS you are sending traffic as plain text which is exposed to anyone using the same network as your client or to people who have placed malware on your user's computer.
However with SSL you can have military grade encryption protecting your user's data or essentially your own reputation.

these days SSL is very affordable and is even offered for free by companies such s cloud flare.

Also in addition as I just remembered to mention. HTTPS is now being counted as a good SEO advantage which can boost your rankings.

Nixtree · Jul 17, 2016

Secure Connection

HTTPS is secure http connection, it uses SSL certificate to encrypt the connection between the server and the end user. Now a days SSL is cheap and it can be easily installed in a server with control panel.

Https also increase some google ranking. Last year Google officially announced that switching your website over to HTTPS will give you a minor ranking boost.

Chris Worner · Jul 18, 2016

Nixtree said:
HTTPS is secure http connection, it uses SSL certificate to encrypt the connection between the server and the end user. Now a days SSL is cheap and it can be easily installed in a server with control panel.

Https also increase some google ranking. Last year Google officially announced that switching your website over to HTTPS will give you a minor ranking boost.

I am also caring about switch my sites to https because some people said it affected to google search rankings, but I did some researches some sites non-ssl are still getting good rankings on search results.

skyphost said:
Otherwise, anyone can obtain everything entered right over the internet.

How anyone can obtain everything entered on browsers for any sites without SSL?

Nixtree · Jul 19, 2016

Man in the Middle (MITM) Attack

As I suggested, switching over to HTTPS will give you a minor ranking boost.

Regarding the Man in middle attack, If you signup on a site without SSL, the details from the sign up forms are transmitted in plain-text and an unscrupulous individual could "sniff" the HTTP traffic and ascertain my login and password. Just google for "Man in the Middle (MITM) Attack" for getting more information about it.

instacarma · May 26, 2017

DavidLux said:
Hello webmasters,

Can you show me pros and cons of Http vs. Https ? I know https is more secure but why it is then I didn't know.

If possible, plz show me what is the difference between Http vs. Https?

Thanks
David

The HyperText Transfer Protocol is an application layer protocol, which means it focuses on how information is presented to the user of the computer but doesn't care a whit about how data gets from Point A to Point B. It is stateless, which means it doesn't attempt to remember anything about the previous Web session. This is great because there is less data to send, and that means speed. And HTTP operates on Transmission Control Protocol (TCP) Port 80 by default, meaning your computer must send and receive data through this port to use HTTP. Not just any old port will do.

Secure HyperText Transfer Protocol (HTTPS) is for all practical purposes HTTP. The chief distinction is that it uses TCP Port 443 by default, so HTTP and HTTPS are two separate communications. HTTPS works in conjunction with another protocol, Secure Sockets Layer (SSL), to transport data safely. Remember, HTTP and HTTPS don't care how the data gets to its destination. In contrast, SSL doesn't care what the data looks like. People often use the terms HTTPS and SSL interchangeably, but this isn't accurate. HTTPS is secure because it uses SSL to move data.

Http vs. Https: What is the difference?

Active member

New member

Member

Well-known member

Active member

Member

Well-known member

Active member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Member

Sponsors

Tag Cloud