What is HTTPS?

HTTPS is a secure version of the standard Hypertext Transfer Protocol (HTTP) that web browsers use when communicating with websites. The “S” in HTTPS stands for “secure”.

Initially, HTTPS was only used when sending sensitive information (e.g., passwords and personal information) across websites. However, standard HTTP is gradually being phased out in favor of HTTPS because of the increasing need for and awareness of network security.

Differences with HTTP

Regular HTTP communicates with the server by sending data over a connection through easily readable text called hypertext. This allows malicious third-parties to eavesdrop on the connection and obtain sensitive information.

HTTPS, on the other hand, transfers the data in an encrypted format. This prevents potential hackers from reading and/or modifying the data over the connection. Even if hackers intercept the information, it will be useless since they will not be able to decrypt it. This security is provided by the SSL (Secure Socket Layer) protocol and, more recently, the TLS (Transport Layer Security) protocol.

The diagram below illustrates how HTTPS encrypts messages sent on a connection: