SSL, TLS, HTTP, HTTPS Explained

Hello everyone, in this video we are going to talk about HTTP, secure HTTP and SSL. Now HTTP stands for Hypertext Transfer Protocol. It is probably the most used protocol in the world. HTTP is the protocol used to view web pages on the Internet. So if you type a web address, such as google.com, you will see HTTP automatically added to the beginning of the web address. And indicates that you are now using HTTP to retrieve this web page. Now in standard HTTP all information is sent in clear text. Therefore, all information exchanged between your computer and that web server, including text you type on the website, is transmitted over the public Internet.

And because it is transmitted in clear text, it is vulnerable to anyone who wants it, such as hackers. Typically, this won't be a big problem if you only access regular websites and don't use sensitive data like passwords or credit card information. But if you were to enter sensitive personal data, such as your name, address, phone number, passwords, or credit card information, then the sensitive data leaves your computer and then has to cross the public Internet to get to that web server. . And this makes your data vulnerable because a hacker somewhere on the Internet can listen to the data being transmitted and steal your information.

As you can see, this hacker steals personal information while traveling on the Internet. So he has a name, phone numbers, address, credit card numbers, etc. So this is a problem in terms of security. And that's why HTTPS was developed. HTTPS stands for Hypertext Transfer Protocol Secure. And it's HTTP with a security feature. Secure HTTP encrypts data retrieved over HTTP. It ensures that all data transferred over the Internet between computers and servers is secure by making the data unreadable. And it does this by using encryption algorithms to scramble the data being transmitted. For example, if you visit a website where you need to enter personal information, such as passwords or credit card numbers, you will see an 'S' added to the HTTP in the web address.

And this 'S' indicates that you are now using secure HTTP and have entered a secure website where sensitive data will be passed and protected. And in addition to adding the 'S', many web browsers will also display a lock symbol in the address bar to indicate that secure HTTP is being used. When using secure HTTP, all data in it is no longer sent in clear text. It is in an unreadable format that travels over the Internet. So if a hacker tried to steal the information from him, he would get a bunch of meaningless data because the data is encrypted and the hacker can't crack the encryption to delete it.

HTTP now protects data using one of two protocols. And one of these protocols is SSL. SSL or Secure Sockets Layer, is a protocol used to guarantee security on the Internet. Uses public key encryption to protect data. This is basically how SSL works. So if a computer connects to a website that uses SSL, the computer's web browser will ask the website to identify itself. The web server then sends a copy of the SSL certificate to the computer. An SSL certificate is a small digital certificate used to verify the identity of a website. It is actually used to let your computer know that the website you are visiting is trustworthy.

Therefore, the computer's browser will ensure that it trusts the certificate. And if it does, it will send a message to the web server. After the web server responds with an acknowledgment, the SSL session can continue. Once all these steps have been completed, encrypted data can now be exchanged between your computer and the web server. And the other protocol that can use secure HTTP is called TLS. TLS or Transport Layer Security is the latest cryptographic protocol in the industry. It is the successor to SSL and is based on the same specifications. And like SSL, it also authenticates the server, the client and encrypts the data.

It is also important to note that many websites now use secure HTTP by default on their websites, regardless of whether sensitive data is to be exchanged or not. And a lot of this has to do with Google. Because Google now marks websites as insecure if they are not protected with SSL. And if a website is not protected by SSL, Google will penalize it in its search rankings. Therefore, if you visit a large website, you will see that secure HTTP is used instead of standard HTTP. And if you're interested in getting an SSL certificate for your website, I have a link in the description below to get up to thirty percent off SSL certificates, domain names, or websites.