HTTPS #

Introduction #

Hypertext Transfer Protocol Secure (HTTPS) is an extension of HTTP that adds a layer of security through encryption. It ensures that data exchanged between the client and server remains confidential and tamper-proof.

1. TLS/SSL Encryption: HTTPS uses Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL), to encrypt data. This prevents eavesdropping and unauthorized access.

2. Certificates: Websites using HTTPS obtain SSL/TLS certificates from certificate authorities. These certificates verify the authenticity of the server and enable secure communication.

3. Port 443: HTTPS typically operates on port 443, while HTTP uses port 80. Browsers automatically redirect HTTP requests to HTTPS for secure connections.

4. Mixed Content: Mixing HTTP and HTTPS content on a page can lead to security warnings. Always strive for a fully secure experience.

Learning Resources #

Books #

• Bulletproof SSL and TLS

Documentation #

• What is HTTPS?
• What Is HyperText Transfer Protocol Secure (HTTPS)?