Skip to content
Programming Glossary
Security Concepts Glossary
HTTPS — Explained with Examples

HTTPS — Explained with Examples

DodaTech Updated Jun 15, 2026 2 min read

HTTPS (HTTP Secure) is HTTP encrypted over TLS/SSL, protecting data between browser and server from eavesdropping, tampering, and impersonation.

HTTPS stands for HTTP Secure (also called HTTP over TLS). It wraps standard HTTP traffic inside a TLS encrypted tunnel, preventing anyone between the client and server from reading or modifying the data.

HTTP vs HTTPS 

HTTP:   http://example.com ⇒ Port 80 ⇒ Plain text
HTTPS:  https://example.com ⇒ Port 443 ⇒ Encrypted with TLS

HTTP Request (visible to anyone):
  POST /login HTTP/1.1
  Host: example.com
  password=MySecret123

HTTPS Request (encrypted, unreadable):
  ⟦������M��d��7��lOe��6�Z�w��⟧

How HTTPS Works in Practice

  1. Browser requests https://example.com
  2. Server sends its TLS certificate
  3. Browser validates the certificate against trusted CAs
  4. Browser and server establish an encrypted session (TLS handshake)
  5. All subsequent HTTP data flows through this encrypted tunnel

Mixed Content Warning

A common HTTPS issue is mixed content — an HTTPS page loading HTTP resources (images, scripts). Browsers block or warn about this:

<!-- SECURE: loaded over HTTPS -->
<img src="https://cdn.example.com/image.jpg">

<!-- BLOCKED: loaded over HTTP on an HTTPS page -->
<img src="http://cdn.example.com/image.jpg">

Real-World Analogy

HTTPS is like a secure courier service. You write a letter (HTTP content), put it in a sealed, armored box (TLS encryption), and only the recipient has the key. Anyone intercepting the box sees nothing but a locked metal container. Without HTTPS, your letter is in a clear plastic envelope — every postal worker, delivery person, and curious passerby can read it.

Example: Redirect HTTP to HTTPS (Node.js) 

const express = require('express');
const app = express();

// Redirect all HTTP traffic to HTTPS
app.use((req, res, next) => {
  if (!req.secure) {
    return res.redirect('https://' + req.headers.host + req.url);
  }
  next();
});

app.get('/', (req, res) => {
  res.send('Serving securely over HTTPS');
});

app.listen(80);

Related Terms

TLS/SSL, PKI, Encryption vs Hashing, HTTP, WAF

Related Tutorial

Web Security — Complete Guide

Previous TLS/SSL — Explained with Examples Next PKI — Explained with Examples

Built by the developers of DodaTech

Doda Browser, DodaZIP & Durga Antivirus Pro

Home Browse Security Concepts Glossary