TechStarters Logo
Blog Home
HTTP & HTTPS: Why The Difference Matters

HTTP & HTTPS: Why The Difference Matters

When we type a website into our browser of choice, often we will see it change to the full URL of the website and it will almost always start with either HTTP:// or HTTPS://. One might disregard the beginning of the URL, called the protocol, in favor of the actual domain name. In this post, we will explain what that familiar HTTP or HTTPS protocol means.

HTTP

HTTP stands for “Hypertext Transfer Protocol”. This protocol transmits and formats what is in the browser, as well as determines what action a server and browser take in response. Think of it this way: When you type TechStarters.com in your browser, you are sending an HTTP command to the web server to fetch the requested web page, which would be the TechStarters home page. HTTP is a “stateless” protocol. This means that each command is independent of the previous commands. It does, however, present the challenge of having websites that respond intelligently to user input. That is why JavaScript and cookies exist. The biggest problem with HTTP is that it is unencrypted. A third party can easily intercept the data.

HTTPS

On the other hand, HTTPS, also short for Hypertext Transfer Protocol, contains an “s”, which stands for secure. Originally, HTTPS was most common for e-commerce sites that required data like a customer’s credit card number to make a purchase. Now, it is used to secure any sort of sensitive information. Making an encrypted connection is a strong argument for switching to HTTPS. But there is a second and equally conducive reason. That is Google.

When determining how to rank results on the search engine, Google will check whether your website uses HTTP or HTTPS. It will give a higher rank to the secure protocol. So, switching to HTTPS can help boost your search engine optimization (SEO). In order to make the switch, however, you still need one more tool.

SSL

In order to switch your website to HTTPS, you will need a Secure Sockets Layer (SSL) certification. This protocol uses what is called an asymmetric Public Key Infrastructure (PKI) system. This system has two keys, the “public” key, and the “private” key. Anything encrypted using the public key can only be decrypted by the private key and vice-versa. Like the key to a safe, the private key should only be accessible to the owner. On a website, the private key is found on the web server. The public key is, as the name suggests, to be distributed to anyone that needs to decrypt information from the private key.

When you request a secure connection to a web page, the website will send its certificate containing the public key to your browser. This begins the process of making a secure connection. After this exchange, the website and the browser will generate and establish a secure connection that is unique to you and the website.

But why do the web page and browser go through all of that for a more secure connection? Any communications over regular HTTP connections are in plain text. They can be read by any hacker that can break the connection. This can endanger communications that include personal information like social security numbers, credit card numbers, or home addresses. With an HTTPS connection, all communications are encrypted, so even if someone were to break the connection, they would be unable to decrypt the data. 

Have more questions about HTTPS or SSL? Would you like to switch your website to HTTPS but are unsure where to start? A nerd at #TechStarters can help!

1 thought on “HTTP & HTTPS: Why The Difference Matters”

Comments are closed.