What is HTTP?
HTTP is a short form of Hypertext Transfer Protocol. It is a protocol to access information over the internet. HTTP provides rules for how any information can be exchanged on the Internet.
What is HTTPS?
HTTPS is a short form of Hyper Text Transfer Protocol Secure. It is highly secure version of HTTP. It uses the port no. 443. It allows the secure transactions by encrypting the entire communication with SSL.
HTTP also allows you to create a secure encrypted connection between the server and the browser. It offers the bi-directional security of Data. This helps you to protect potentially sensitive information from being stolen.
Advantages of HTTP:
- HTTP can be implemented with other protocol on the Internet, or on other networks
- HTTP pages are stored on computer and internet caches, so it is quickly accessible
- Platform independent which allows cross-platform porting
- Does not need any Runtime support
- Usable over Firewalls! Global applications are possible
- Not Connection Oriented; so no network overhead to create and maintain session state and information
Advantages of HTTPS
- In most cases, sites running over HTTPS will have a redirect in place. Therefore, even if you type in HTTP:// it will redirect to an https over a secured connection
- It allows users to perform secure e-commerce transaction, such as online banking.
- SSL technology protects any users and builds trust
- An independent authority verifies the identity of the certificate owner. So each SSL Certificate contains unique, authenticated information about the certificate owner.
Limitations of HTTP
- There is no privacy as anyone can see content
- Data integrity is a big issue as someone can alter the content. That’s why HTTP protocol is an insecure method as no encryption methods are used.
- Not clear who you are talking about. Anyone who intercepts the request can get the username and password.
Limitations of HTTPS
- HTTPS protocol can’t stop stealing confidential information from the pages cached on the browser
- SSL data can be encrypted only during transmission on the network. So it can’t clear the text in the browser memory
- HTTPS can increase computational overhead as well as network overhead of the organization