HTTP transfer all data in plain text so that everyone in the path of network can see your data !
- Data may be stolen by attacker
- Data may be modified by attacker
In order to solve this problem, HTTPS is proposed.
HTTPS is a protocol for secure communication, which alose called HTTP over TLS, HTTP over SSL
HTTPS encrypt data in communication that makes attackers hard to pwn.
It is better for server using HTTPS all the time even if it costs a lot