From: Paul Welsh
I'm implementing SurfControl's Mobile Access Filter. It requires web publishing. There's a choice of HTTP or HTTPS. The data being passed to the filter server isn't sensitive so from the perspective of performance, cost, effort and confidentiality then there's no need to use HTTPS.
However, does opening port 443 rather than 80 have any intrinsic benefits with regard to security? I would have thought not, since an open port is an open port, but if there are benefits then I may invest in another certificate.
Actually, an "open port" is not just an "open port" -- that's how the hardware firewall dups think, but its definitely not true. The reason for that is that "open port" doesn't mean anything from a firewall perspective. The firewall isn't a pegboard with holes in it that need to be punched to open a port, that's why you won't find a single firewall anywhere in the world with an "open port" button. Why? Because its a meaningless team.
OK, to answer your question, if no user credentails or private data is moving over the channel, then you should use HTTP for better performance