HTTPS is the secure version of the HTTP protocol used by the web. HTTPS uses encryption, SSL or now TLS, to protect the connection as the requests and responses flow across the network. HTTPS can also prove the identity of the remote server through the use of a certificate signed by a trusted Certificate Authority (CA). Similarly, the identity of the user can be established by the use of client certificates, although this is rarely used.
Without the use of HTTPS, anyone with access to the network could possibly read the contents of the communications between the web server and client. This information could include passwords, personally identifiable information (PII), intellectual property (IP), or other sensitive information.
It is expected that HTTPS is the default protocol for all web servers, and if the HTTP port is open, it redirects to the HTTPS service.