DIFFERENCES HTTP AND HTTPS
HTTP and HTTPS protocol is code language that are familiar to Internet users, because each link that refers to a website definitely use. This code is also often encountered when we want to do browsing or open a specific web page. We are asked to type the code at the beginning and end with colons and slashes twins when we are browsing the web page you want.
HTTP (Hypertext Transfer Protocol)Hypertext Transfer Protocol (HTTP) is a network protocol application layer used for information systems of distributed, collaborative, and using hypermedia use a lot in making the resources that are connected by a link called hypertext document which established the World Wide Web in 1990 by English physicist named Tim Berners Lee. Http is a protocol that provides communication between the network command, the communication between the computer network client with a web server. In this communication, computer client requests with typing in the address or website that you want to access. While the server is processing the request based on the code protocol fed.
Https is not a separate protocol, but refers to the combination of a normal HTTP interaction Socket Layer encrypted via SSL (Secure) or Transport Layer Security (TLS) transport mechanism. This ensures reasonable protection from eavesdroppers and (as long as it is properly implemented and the top level certification authorities do their job well) attacks.
To secure the communication between the browser with the web server. How can? The following brief illustration will answer: When you access a web server using HTTPS protocol, which pages you have submitted first encrypted by this protocol. And all the information that you send to the server (registration, identification, pin numbers, transfer payments) will also be encrypted so that no one could overhear (eavesdropping) in your data when the transaction process is underway.So your data transactions become more safe. HTTPS protocol can be found on the websites of banks, ecommerce, registration, etc. Because in this business area are prone to occur eavesdropping by third parties. For that you need an SSL certificate.
HTTP (Hypertext Transfer Protocol)Hypertext Transfer Protocol (HTTP) is a network protocol application layer used for information systems of distributed, collaborative, and using hypermedia use a lot in making the resources that are connected by a link called hypertext document which established the World Wide Web in 1990 by English physicist named Tim Berners Lee. Http is a protocol that provides communication between the network command, the communication between the computer network client with a web server. In this communication, computer client requests with typing in the address or website that you want to access. While the server is processing the request based on the code protocol fed.
Https is not a separate protocol, but refers to the combination of a normal HTTP interaction Socket Layer encrypted via SSL (Secure) or Transport Layer Security (TLS) transport mechanism. This ensures reasonable protection from eavesdroppers and (as long as it is properly implemented and the top level certification authorities do their job well) attacks.
To secure the communication between the browser with the web server. How can? The following brief illustration will answer: When you access a web server using HTTPS protocol, which pages you have submitted first encrypted by this protocol. And all the information that you send to the server (registration, identification, pin numbers, transfer payments) will also be encrypted so that no one could overhear (eavesdropping) in your data when the transaction process is underway.So your data transactions become more safe. HTTPS protocol can be found on the websites of banks, ecommerce, registration, etc. Because in this business area are prone to occur eavesdropping by third parties. For that you need an SSL certificate.
- Http://internetbanking.com/formlogin.html form on the page and login form in the form tag <form action = http: //internetbanking.com/dologin.php>. It's really not safe because there is no encryption at all.
- Weather in http://internetbanking.com/formlogin.html, tag the login form in the form <form action = https: //internetbanking.com/dologin.php. It was still not safe for formlogin can be changed by mitm attack.
- Weather in https://internetbanking.com/formlogin.html, tag the login form in the form <form action = http: //internetbanking.com/dologin.php>. Form login can not be attacked, but the password is sent without encrypted. Same lie.
- Weather in https://internetbanking.com/formlogin.html, tag the login form in the form <form action = https: //internetbanking.com/dologin.php>. This new secure, login forms can not be attacked, and encrypted passwords.
HTTP HTTP Not secure, encrypted nothing.
HTTP HTTPS Not secure, vulnerable to mitm attack.
HTTPS HTTP Not secure, form data is not encrypted,
HTTPS HTTPS Maximum Security
HTTP protocol called stateless because each command is executed independently, without the knowledge of the commands that came before. This is the main reason that it is difficult to implement Web sites that react intelligently to user input.
read also: Comparison Blogger Vs Wordpress, Who's the winner?
read also: Comparison Blogger Vs Wordpress, Who's the winner?
http session
A session is a sequence of HTTP request and response transaction network using HTTP protocol. An HTTP client will initiate a request. The client opens a connection Transmission Control Protocol (TCP) to a particular port that is contained in a host (usually port 80 or 8080). The server is listening on port 80 it will wait for a client request message. When receiving the request, the server sends back a status line, such as "HTTP / 1.1 200 OK", and the message that would be asked, error messages or other information.
Hypertext Transfer Protocol Secure (HTTPS)
Hypertext Transfer Protocol Secure (HTTPS) has the same meaning as HTTP HTTPS only has advantages in the field of security functions (secure) . HTTPS found by Netscape Communications Corporation . HTTPS using Secure Socket Layer (SSL) or Transport Layer Security (TLS) as a sublayer under the regular HTTP application layer. HTTP encryption and description of the page requested by the user and pages that are returned by the web server. Both of these protocols provide adequate protection against eavesdroppers, and the man in the middle attacks . In general, use HTTPS port is port 443. The level of protection depends on the correctness of the implementation of web browser and server software and supported by the actual encryption algorithm. Therefore, the use HTTPS web pages, and URLs used starts with 'https: //'.
Https can ensure security in the authentication server and the user's browser yaitumemungkinkan have confidence that they're talking to sesungguhnya.Https application server is also able to maintain data confidentiality and data integrity.
The main difference http and https
Some of the major differences between http and https, starting with the default port, which is 80 for http and 443 for https.Https works by transmitting normal http interactions through an encrypted system, so in theory, the information can not be accessed by anyone other than the client and the server end. There are two common types of encryption layers: Transport Layer Security (TLS) and Secure Sockets Layer (SSL), which both encode the data records are exchanged.
How to Work
The default TCP port https: URL is 443 (for unsecured HTTP, the default is 80). To prepare a web-server for https connections as an administrator and receiver must make a public key certificate for the web server. This certificate can be created for Linux based servers with tools such as Open SSL ssl or SuSE gensslcert. This certificate must be signed by a certificate authority of one form or another, stating that the certificate holder is who they propose. Web browsers are generally distributed with the signing certificates of major certificate authorities, so that they can verify certificates signed by them.
When using a https connection, the server responds to the initial connection by offering a list of enacryption methods support. In response, the client select a connection method, and the client and server exchange certificates to authenticate their identity. Once this is done, both parties exchanging encrypted information after ensuring that both use the same key, and the connection is closed. To host https connection, the server must have a public key certificate, which embeds key information with the key owner's identity verification. Most of the certificate is verified by a third party so that clients believe that the key is secure.
read also: What Distinguishes 3G vs 4G technology?
read also: What Distinguishes 3G vs 4G technology?
Advantages change HTTP to HTTPS?
Some variation possibilities URL of the page and form to note are:
Conclusion
Http and https have the same role in defining how a message can be formatted and sent from the server to the client, just https have advantages in security systems to function encrypts the information using SSL and TLS. Thus https have more security at http compare.
#BLOG
#BLOG
0 komentar:
Posting Komentar