Http Vs Https

After 2014, Google recommended that sites should switch to HTTPS, where at that only e-commerce website were concerned to use HTTPS. And even Google announced to provide Https websites with higher rankings.

Https is https with encryption the only difference between two protocols is that HTTPs uses TLS (SSL) to encrypt normal HTTP requests and responses, now you are probably wondering why it is so important to switch over https? As a result, Https is far more secure than HTTP. A website that uses HTTP has http:// in its URL while a website that uses HTTPS has https://

What is HTTP?
HTTP stands for Hypertext Transfer Protocol, and it is a protocol used for transferring data over a network, Most information is sent over the internet including, website content and API(Application Programming Interface)  calls.

What is HTTP request? What is an HTTP response?
HTTP requests are generated by user’s browser as the user interact with web properties. For example if someone googles “what is HTTP?” and this article shows up in the search when they click on the link, their browser will create and send a series of HTTP requests in order to get the information necessary to render the page.

What is HTTPS?
HTTPs stands for Hypertext Transfer Protocol Secure, where HTTPs protocol create secure encrypted connection between the server and the browser to protect potentially sensitive information from being stolen
TLS uses a technology called public key encryption: there are two keys , a public key and a private key to agree on new keys called session keys, to encrypt communication stream between them

How does HTTPs block attacks?
Authentication means verifying that a person or a machine is who they claim to be. In HTTP, there is no verification of identity—it is based on a principle of trust.
Secure Socket Layer (SSL) is the standard security technology for establishing an encrypted link between two systems, Basically SSL ensures that the data transfer between two systems remains encrypted and private.
Just like an ID card confirms a person’s identity, a private key confirms server identity, when a client opens a channel with an origin server, possession of the private key that matches with the public key in a website SSL certificate proves that the server is actually the legitimate host of the website.
This prevents or helps to block a number of attacks that are possible when there is no authentication, such as:
1.    Man in the middle attacks
2.    DNS hijacking
3.    BGP hijacking
4.    Domain spoofing
We will discuss all these attacks in cyber security section

stay safe with Tech4allgeeks
For more blogs you can subscribe in the email box at right or you could follow us on facebook
stay tuned for more, have a nice day 😊

Author Image

About Author
Hisham Elreedy is Digital Electronics Engineer, Graphics Designer, Blogger, Youtuber. Inspired to teach all he knows from his experience in studying undergraduate engineering by creating useful posts

Post a Comment