HTTP, TLS & Ports
How web requests work, what TLS adds, and the ports services listen on.
HTTP is a request/response protocol. A client sends a method (GET, POST, PUT, DELETE) to a path with headers and an optional body; the server replies with a status code and a response. It is stateless — each request stands alone, so sessions are carried in cookies or tokens.
HTTPS is HTTP wrapped in TLS, which provides encryption (privacy), integrity (tamper-proofing), and authentication (a certificate proves the server’s identity). A port identifies which service on a host you’re reaching — HTTP is 80, HTTPS is 443, SSH is 22.
curl -I https://example.com # headers only (status, content-type)
curl -v https://example.com # verbose: TLS handshake + request/response
curl -X POST -d '{"a":1}' \
-H "Content-Type: application/json" https://api.example.com/items
ss -tlnp # what's listening locally, and on which ports- Use
curl -Ito fetch only the headers of a website and note the status code. - Trigger a 404 and a successful 200 against any site and compare.
- List the well-known ports for HTTP, HTTPS, SSH, and DNS.
- Use
curl -vand find where the TLS handshake happens in the output.
Cheat Sheet▾
| Code / Port | Meaning |
|---|---|
| 200 | OK |
| 301 / 302 | Redirect |
| 401 / 403 | Unauthorized / Forbidden |
| 404 | Not found |
| 500 / 503 | Server error / Unavailable |
| 22 / 53 | SSH / DNS |
| 80 / 443 | HTTP / HTTPS |
Common Interview Questions▾
What does TLS add to HTTP?
Encryption (confidentiality), integrity (tamper detection), and authentication (a certificate proving you’re talking to the real server). HTTPS = HTTP over TLS.
What's the difference between a 4xx and a 5xx status code?
4xx means the client’s request was at fault (bad input, missing auth, wrong URL). 5xx means the server failed to handle a valid request.
What is a port and why do we need them?
A port is a number identifying a specific service on a host, so one IP can run many services (web on 443, SSH on 22) and the OS routes traffic to the right one.