What is HTTP (Hypertext Transfer Protocol)?

 

What is HTTP (Hypertext Transfer Protocol)?

The Hypertext Transfer Protocol is an software protocol for distributed, collaborative, hypermedia data structures that approves customers to speak statistics on the World Wide Web.

What is the motive of HTTP?

HTTP was once invented alongside HTML to create the first interactive, text-based net browser: the authentic World Wide Web. Today, the protocol stays one of the most important potential of the use of the Internet.

How does HTTP work?

As a request-response protocol, HTTP offers customers a way to have interaction with internet assets such as HTML archives by using transmitting hypertext messages between consumers and servers. HTTP consumers commonly use Transmission Control Protocol (TCP) connections to speak with servers.

HTTP makes use of precise request strategies in order to function a number tasks. All HTTP servers use the GET and HEAD methods, however now not all guide the relaxation of these request methods:

GET requests a precise aid in its entirety

HEAD requests a uniquely useful resource barring the physique content

POST provides content, messages, or facts to a new web page beneath an current internet resource

PUT at once modifies an present net aid or creates a new URI if want be

DELETE receives rid of a distinctive resource

TRACE indicates customers any modifications or additions made to a internet resource

OPTIONS indicates customers which HTTP techniques are reachable for a unique URL

CONNECT converts the request connection to a obvious TCP/IP tunnel

PATCH in part modifies a internet resource

Security Concerns Around HTTP

Unfortunately, adversaries can pick out from many vectors to assault net servers, net applications, and websites. From cross-site scripting (XSS) to HTTP request smuggling, adversaries commonly make the most customary vulnerabilities and misconfigurations—not to point out the HTTP protection issues round sending plaintext credentials by way of HTTP. The OWASP basis has highlighted the pinnacle 10 safety dangers to keep away from when constructing net applications, assisting enhance defenses towards HTTP-based attacks.

Many assaults manifest over HTTPS, an encrypted HTTP connection hooked up with SSL/TLS. Learn how monitoring encrypted site visitors things for detecting assaults like Log4j which can conceal in encrypted HTTPS traffic.