HTTP and HTTPS both are application layer protocols with a difference in between them .
|HTTP stands for HyperText Transfer Protocol.||HTTPS stands for HyperText Transfer Protocol Secure or HTTP over SSL and HTTP over TLS.|
|In HTTP there is no encryption of data . So the data is vulnerable to eavesdropping and tampering .||HTTPS consists of communication over HTTP within a connection encrypted by Transport Layer Security or its predecessor, Secure Sockets Layer.|
|HTTP URLs begin with "http://" and use port 80 by default.||HTTPS URLs begin with "https://" and use port 443 by default.|
|HTTP is insecure and is vulnerable to man-in-the-middle attacks, which can let attackers gain access to website accounts and sensitive information, and modify webpages to inject malware or advertisements.||HTTPS is secure and designed to withstand such attacks.|