HTTPS

HTTPS is HTTP over a secure socket layer (SSL), using public key encryption to make the communication between the client (browser) and the (web) server harder to eavesdrop and/or spoof. The standard port for HTTPS communication is 443

Since support for HTTPS is built into most web clients and servers, it is relatively transparent to the users, e.g. you don't have to change your HTML code to use HTTPS.

The only way most people notice that they are using HTTPS is that a URL starts with "https://" instead of "http://" or that a locked padlock icon appears in their browsers...

So why isn't all web traffic using HTTPS? Two reasons: Because the public key encryption and decryption causes a noticeable overhead, especially on a server with many hits. Also, to be able to run a HTTPS server you need an encryption certificate (actually a signed keypair) from a Certificate Authority and you would have to pay an annual fee to get those.