Http stands for Hypertext Transfer Protocol. It is a protocol used in the world of internet to define as to what actions will the World Wide Web take when messages are sent from one end. Whenever a message is sent by a user, how will it be formatted and where and how will it be transmitted over the internet is decided by its HTTP. All the data transfer or data communication takes over the World Wide Web is basically governed by HTTP. Introduced in 1990, its first version was called HTTP/0.9 and it was a very basic protocol which served the purpose of simply transfer data. Since then a lot of version have come up. The latest version is HTTP/1.1. Http basically provides a standardized way of defining what that whenever a client(which can be browsers , editors, spiders) sends data to a server how will it be formatted and then in turn how will the server respond to that particular data request. Http connections are usually using TCP/IP connections with TCP 80 [19] being the default port.
Http protocol is a connectionless and hence a stateless and generic protocol. Whenever a client sends a data request to a server a connection is set up between the two but soon after the request is sent the connection is broken. To send information back from the server to the client a new connection is set up again.
Now it has been observed that when a web browser and a server interacted with each other using http as a language it became unsafe particularly when the information which was being exchanged was sensitive like bank details or credit card details etc. Hence arose a requirement of a safer alternative or a safer version of http where no “packet sniffers” could potentially take advantage of the information exchange. For the same purpose https was developed.
Https stands for Http Secure, or to be more specific, Http over SSL (Secure Socket Layer). It is not a new protocol but might be seen as http protocol using a sub layer of SSL. The security property of SSL(Secure Socket Layer) and TLS(Transport Layer Security) is used as a sub layer along with Http to provide a very safe and secure medium of information transaction over the internet.
The technology of Encryption is used in Https. When any data is sent from one end it is encrypted so that if at all it is intercepted on its way, it remains secure and cannot be deciphered or understood. This way the data is communicated securely over the internet and is decrypted on the other intended end only. Whenever the website involved uses any consumer data that is sensitive like banking details or online purchasing it is always advised to use https to avoid the data getting into wrong hands. When a client uses https he is ensured of two things. Firstly it ensures that he is dealing with the right server and not a middle man and secondly that all the communication is secure and there will be no eavesdropping. Https uses Port 443 while interacting with its lower layers, unless otherwise specified. A secure website will display a padlock icon in the address bar and also its URL will start with https://. Generally an https website is slower as compared to http. Https uses public and private keys to validate servers and users. Cryptographically signed certificates are used to verify the servers. To have an https website you need an SSL certificate which will authenticate the online identity of the website and will make a unique scrambled connection each time a shopper logs on to provide a safe and secure environment to exchange information.
SSL implementation has become a major topic, as Google announced to use SSL as an index ranking signal. The sites which are not using SSL will be considered insecure and unreliable. It is advised to apply recommended modification to site while beginning to serve page over SSL. Owing to ranking advantage and attention to security and privacy, many content management system users has started to implement SSL. It can be considered a positive move in direction of secure web. But unless the websites are fully configured, user will not be able to get website’s secure pages through search engines and will miss SEO benefit. According to Google’s revelation 80% websites have misconfigured SSL implementations and it revealed that 80% of HTTPs URL was not included because the crawlers could not become able to locate the pages.
The retailer of SSL certificates recommends that users who are willing to implement SSL on their sites must be aware of the SEO consequences.