differences and how they influence safety - Isabella Di Fabio
Understand the difference between HTTP and HTTPS, what the "S" means and how it influences the security of the information trafficked on your site with this post. Let's go there!
HTTP, whose meaning in English is Hypertext Transfer Protocol, is defined as: the way, the form, or to put it colloquially, the language of minimal information communication on the Web.
Basically when we open a Web page from a browser, both the client (destination) and the server (origin) communicate using the protocol called HTTP. For the message to be understandable between them, both must understand and interpret the same language at the same time, making it a common language between the parties.
Let's imagine the following daily scenario: we need to transmit a message to a person, therefore here they participate: who sends (origin / sender) and who receives (destination / receiver), so that the transmitted message is understood and interpreted by the receiver is imperative that both communicate in the same language or language. This analogy is the same one that occurs in an HTTP transmission.
HTTP is a very basic communication language since the exchange of information between one point (server) to another (client) is based on data of the text type (on the web called hypertext) and in turn the web browser: generates , displays or interprets content at an understandable level, visually speaking, for end users.
Now, the fundamental difference with respect to HTTPS (apart from the letter s obviously) is that in addition to being an HTTP protocol, a data encryption component is added to both ends of the communication, through the digital certificates configured in the server and adding a new protocol called SSL, so HTTP is HTTP + SSL.
Communication is secure and only the recipient of the information will be able to understand the result, but let's clarify that this does not imply that the site itself is secure.
When we talk about site security we are referring to much more technical and careful things: data type validation, filtering and sanitation of what was received, anti-robot captcha, password robustness; and a lot of other techniques to avoid attacks like: XSS, Injection SQL, among others.
Therefore it is important to understand that a site with HTTPS protocol can be technically as secure or insecure as one with HTTP, although HTTPS certainly goes the extra step in ensuring the transmission of the data itself.
When a page requests sensitive data, be it: passwords, access pins, and even more so when it comes to monetary transactions, the reality is that this site should inevitably have HTTPS.
It is important for a site to have HTTPS because it is one of the factors that can help improve Google ranking. It also gives a certain feeling of security to the user who enters our site.
By Isabella Di Fabio - Isabella Secret Story of web
Understand the difference between HTTP and HTTPS, what the "S" means and how it influences the security of the information trafficked on your site with this post. Let's go there! HTTP, whose meaning in English is Hypertext Transfer Protocol, is defined as: the way, the form, or to put it colloquially, the language of minimal information communication on the Web. Basically when we open a Web page from a browser, both the client (destination) and the server (origin) communicate using the protocol called HTTP. For the message to be understandable between them, both must understand and interpret the same language at the same time, making it a common language between the parties. Let's imagine the following daily scenario: we need to transmit a message to a person, therefore here they participate: who sends (origin / sender) and who receives (destination / receiver), so that the transmitted message is understood and interpreted by the receiver is imperative that both communicate in the same language or language. This analogy is the same one that occurs in an HTTP transmission.
