HTTP/HTTPS

HTTP
HTTP stands for Hypertext Transfer Protocol and allows users access to the world wide web. HTTP is a request-respond function; this means that the client sends an HTTP request to a server that then responds with resources such as HTML, and/or other files. HTTP can also be used for site authorization to the server before responding to the request. This enables a challenge to be issued that has to be authenticated before the server re-sends the requested files. While HTTP does have some integrated security functions, these are generally deemed inadequate by security professionals.

HTTPS
HTTPS or Hypertext Transfer Protocol Secure has the same role as regular HTTP, but instead does it over a secure connection that is encrypted. Initially, HTTPS was used for transactions as well as sensitive information, where as of now it is almost a requirement for most websites. HTTPS uses port 443 compared to HTTP which uses port 80. HTTPS encrypts all information sent out and received, making the likelihood of malware being interjected into a page unlikely. Due to encryption, the user's information is also secure, thus helping to protect their identity as well as providing anonymity from others.

SSL
SSL or Secure Sockets Layers was the original utilized method where HTTPS pages were secured. The first few versions of SSL had major flaws causing them to be outdated relatively quick as well as not having the first version released due to glaring errors. As of today sites that use SSL1.0-3.0 are deemed insecure and should be upgraded to TLS if possible.

TLS
The goal of TLS or Transport Layer Security is to provide privacy and encryption between the client and the server. This is done by using symmetric cryptography which is different for every connection. This makes it so that if an attacker tries to sneak their way in during the connection process they are easily flagged due to the different information being sent by them. Authentication is also a requirement from at least one side of the process, either from the server or client side. In order to become HTTPS certified, you must have some form of TLS in your website.