Browse Definitions :

HTTP (Hypertext Transfer Protocol)

Contributor(s): Kevin Ferguson

HTTP (Hypertext Transfer Protocol) is the set of rules for transferring files, such as text, graphic images, sound, video, and other multimedia files, on the World Wide Web. As soon as a web user opens their web browser, the user is indirectly making use of HTTP. HTTP is an application protocol that runs on top of the TCP/IP suite of protocols (the foundation protocols for the Internet). The latest version of HTTP is HTTP/2, which was published in May 2015. It is an alternative to its predecessor, HTTP 1.1, but does not it make obsolete.

How HTTP works

As the Hypertext part of the name implies, HTTP concepts include the idea that files can contain references to other files whose selection will prompt additional transfer requests. In addition to the Web page files it can serve, any Web server machine contains an HTTP daemon, a program that is designed to wait for HTTP requests and handle them when they arrive. A web browser is an HTTP client, sending requests to server machines. When the browser user enters file requests by either "opening" a web file (typing in a URL) or clicking on a hypertext link, the browser builds an HTTP request and sends it to the Internet Protocol address (IP address) indicated by the URL. The HTTP daemon in the destination server machine receives the request and sends back the requested file or files associated with the request. As a note, a web page often consists of more than one file.

How HTTP works
How HTTP works

To expand on this example, a user wants to visit The user types in the Web address, and the computer sends a "GET" request to a server that hosts that address. That GET request is sent using HTTP and it is telling the TechTarget server that the user is looking for the HTML (Hypertext Markup Language) code used to structure and give the login page its look and feel. The text of that login page is included in the HTML response, but other parts of the page, particularly its images and videos, are requested by separate HTTP requests and responses. The more requests that must be made -- for example, to call a page that has numerous images -- the longer it will take the server to respond to those requests and for the user's system to load the page.

When these requests and responses are being sent, they use TCP/IP to reduce and transport information in small packets of binary sequences of ones and zeros. These packets are physically sent through electric wires, fiber optic cables and wireless networks.


HTTPS (HTTP over SSL or HTTP Secure) is the use of Secure Sockets Layer (SSL) or Transport Layer Security (TLS) as a sublayer under regular HTTP application layering. HTTPS encrypts and decrypts user HTTP page requests as well as the pages that are returned by the Web server. The use of HTTPS protects against eavesdropping and man-in-the-middle (MitM) attacks. HTTPS was developed by Netscape.

Migrating from HTTP to HTTPS is regarded as good for security.

Types of Status Codes

In response to HTTP requests, servers often issue response codes, indicating the request is being processed, that there was an error in the request or that the request is being redirected. Common response codes include:

  • 200 OK. This means that the request, such as GET or POST, worked and is being acted upon.
  • 300 Moved Permanently. This response code means that the URL of the requested resource has been changed permanently.
  • 401 Unauthorized. The client -- the user making the request of the server -- has not been authenticated.
  • 403 Forbidden. The client's identity is known but has not been given access authorization.
  • 404 Not Found. This is the most frequent and most recognized error code. It means that the URL is nor recognized or the resource at the location does not exist.
  • 500 Internal Server Error. The server has encountered a situation it doesn't know how to handle.

Learn more about HTTP in the video below:

This was last updated in July 2020

Continue Reading About HTTP (Hypertext Transfer Protocol)

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Hi, my website uses http:// and when I audit my website it is suggesting for https://. Will it hamper my SEO? What to use for e-commerce website?
Yehh basically a beautiful info on the HTTP protocol which is the most important topic to be known in today's world.
Thanks for such best information.

Hope we receive such best info from you in future. 


  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • PCI DSS (Payment Card Industry Data Security Standard)

    The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to ...

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.




  • call tree

    A call tree is a layered hierarchical communication model that is used to notify specific individuals of an event and coordinate ...

  • Disaster Recovery as a Service (DRaaS)

    Disaster recovery as a service (DRaaS) is the replication and hosting of physical or virtual servers by a third party to provide ...

  • cloud disaster recovery (cloud DR)

    Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other ...