This article will throw some light on HTTP (Hypertext Transfer Protocol) & HTTPS (Hypertext Transfer Protocol Secure)
HTTP (Hypertext Transfer Protocol)
It is an client-server protocol that allows clients to request web pages from web servers. It is an application level protocol widely used on the Internet. Clients are usually web browsers. When a user wants to access a web page, a browser sends a request message to the web server. The server responds with the requested web page. By default, web servers use the TCP port 80.
Clients and web servers use request-response method to communicate with each other, with clients sending the HTTP Requests and servers responding with the HTTP responses. Clients usually send their requests using GET or POST methods, for example GET /homepage.html. Web servers responds with a status message (200 if the request was successful) and sends the requested resource.
An example will clarify this process:
The client wants to access google.com and points his browser to the URL http://google.com (this is an example of an HTTP Request message). The web server hosting google.com receives the request and responds with the content of the web page (the response message).
Web servers usually use a well-known TCP port 80. If the port is not specified in a URL, browsers will use this port when sending HTTP request. For example, you will get the same result when requesting http://google.com and http://google.com:80.
The version of Hypertext Transfer Protocol most commonly used today is HTTP/1.1. A newer version, HTTP/2, is available and supported by most browsers.
HTTPS (Hypertext Transfer Protocol Secure)
Hypertext Transfer Protocol Secure is a secure version of Hypertext Transfer Protocol. This protocol enables secure communication between a client (e.g. web browser) and a server (e.g. web server) by using encryption. HTTPS uses Transport Layer Security (TLS) protocol or its predecessor Secure Sockets Layer (SSL) for encryption.
HTTPS is commonly used to create a secure channel over some insecure network, e.g. Internet. A lot of traffic on the Internet is unencryped and susceptible to sniffing attacks. HTTPS encrypts sensitive information, which makes a connection secure.
HTTPS URLs begin with https instead of http. In Internet Explorer, you can immediately recognize that a web site is using HTTPS because a lock appears to the right of the address bar:
HTTPS uses a well-known TCP port 443. If the port is not specified in a URL, browsers will use this port when sending HTTPS request. For example, you will get the same result when requesting https://gmail.com and https://gmail.com:443.