How Web Server Works

Web Server is the application that serves web pages such as text, images or videos to the web client. Web Server can be a daemon process running on specific IP address and listening to only specific port.  Web client may be termed as your favorite Firefox, Chrome, Safari Browsers or curl / rest API client software's.

Web Server can be designed to run on any hardware but if there is large number of request then we need to scale the hardware. The Operating System that the web server runs on should be chosen carefully. if the level of security needed is high then the operating system should be robust and highly secure. In this article we will be looking at how web server works

How Web Server Works

Any web server works based on request and response, the web client will send the request and the web server responds to them. The protocol that web server uses is hyper text transfer protocol (http) these are set of rules that govern the rules to frame request message and response message and interpret them.

Web Server Communication Components

The main four components that we require to communicate to Web Server are User, Client and Server Software, Internet and Resources. The first component is the user, user may be any person who is interested to get some service done from the web server. 

 

how web server works

 

 

The Second Component is Client and Server Software, as explained client software include your favorite Firefox/chrome/safari browsers, there are other software that can act as web client such as curl command on Linux and also some REST API client software that can be also part of client. 

The Web Server software include daemon process that listens on specified IP address and given port. Web Servers software available are Apache (Open Source), Tomcat(Open source), IIS (Web Server Developed By Microsoft), Web Sphere (IBM based Web Server), Nginx, Oracle iPlanet (Web Server Developed by Oracle) are some of the examples of web server

There may be multiple web servers running on given machine, web server listens on specific port so there are 65535 ports present on any system, apart from the 1024 standard ports that are allocated to ssh/ telnet/ ftp protocols web server can be made to listen on any of these ports.

The third component we require is the Internet we require two machines or nodes that are connected to each other using the internet cable and are capable of communication between them using Transmission Control Protocol (TCP)

The fourth component is the resources, Resource can be classified as static resource or dynamic resource. Static resource include text, images, videos, gif. Dynamic resource include buying the product online, online products keep changing based on their inventory, railway / flight booking the seats are termed as dynamic resource and the user tries to book them in real time.

Getting Back to How Web Server Works

Web Server uses hyper text transfer protocol (HTTP) to communicate to its Web Client here we assume any latest version of Browser Software. HTTP is an application layer protocol the set of rules that govern web application to communicate and exchange information. Feature of HTTP is its the connection less protocol the state of connection is always closed after each set of request it goes through. 

Fox example if browser requests the content on Web Server the Browser frames the HTML Request and sends it to Web Server and closes the connection. If at the other end there exists the Web Server it prepares the response and then sends the information to the browser and closes the connection. If suppose the new request has to take place then Browser has to frame the new request to the Web Server.

The HTTP Request

HTTP Request consists of request method, headers, params, authorizations and the body. In the minimal request we will be looking in to GET Method request method and the header

Request Method can be divided in to three segments 

  1. Method Type (GET)
  2. End Point Path 
  3. HTTP Version 

 

web server get request

 

Headers Include the Base URL, Mime Type it accepts and the Language that its requires the Web Server to send the response. Above image displays sample GET request from the browser to the server that hosts www.aixqna.com and the end point URL /2021/04/quote-of-day.html 

 

put request

put and post request

 

 

Similarly we can have different Method Type and the header and the body may change based on the request type. In case of PUT we generally use this to login methods, we may need to include Header Content type and Body. Similarly in case of POST Method we need to use Headers that contains content type and Body that contains the parameters that we need to change on the server.


The HTTP Response

The web server silently listens on the port is there is no request it keeps quiet, If there is any request the web server will create the response and will send it using hyper text transfer protocol response. The HTTP Response can be in text or html or xml or json format or it may be image jpg/ png or it may be in video format. Depends on the request your have placed on to the web server the response will be created. HTTP can be used to transfer any type of information weather its text/ image / video. HTTP internally uses Transmission Control Protocol (TCP) for communicating. 

Below is the http response that contains response code, response header and the response body as given below. The response code contains the HTTP version and the server response 200 for successful, 404 for page not found, 301 for permanent redirect etc.


web server response



The response header contains the website name, the content type, accept language and accept type as given in the below figure. The response body may contain the response in html / plain text / xml / json depending on the request, your client software may be capable of interpreting these output.

How Web Server Works Example

 
We will be using the postman REST API Client to provide an example and we will be using the GET request on the google domain. For this to work we will have to enter the Google domain in the send request and leave the header and params of get request as default


web server example



The response code we get is 200, header include server details, how the server processes the request, content encoding type, content type and many other headers like cookies, date, cache control etc. The body contains the HTML code as the response to the GET request. 


How Web Server Works With HTTPS

Hypertext Transfer Protocol Secure (HTTPS) is advanced secure method of communicating with the Browser and the Web Server, Hypertext Transfer Protocol Secure purpose is to decrypt and encrypt the communication data between the client and the Web Server using various encryption SSL/TLS algorithm techniques. In order to Understand HTTPS completely we need to understand two things

1. Certificate Authority is the trusted organization on Internet that issues the Digital Certificate. Fox example trusted organizations like Google CA issuing the digital certificate to YouTube or Gmail to make them trusted on Internet.

2. Digital Certificate is text file containing the Digital Signature of trusted organization. Digital Signature is generated for Web Server, Web Server sends its identity and public key to CA, CA verifies the info upon verification the CA will sign the Certificate by issuing Private Key anyone who has CA public key can verify the CA

 

Below is the HTTPS authentication process

1. Decide on Encryption and Decryption Algorithm

HTTPS communication between client and server starts upon deciding the algorithm they should be using to communicate between them. These algorithms will be used in to exchange the secret key and data between them. If the client is running outdated software that are not supported by the webserver the communication does not occur.

 

2. Presenting Digital Signature Certificate

The Web Server presents Digital SSL Certificate, Certificate is like an ID Card for the website issued by Trusted Organization. The Web Client decrypts the Certificate and gets to know that certificate is from trusted organization.

 

3. Shared Secret Key Exchange

The Web Client for example browser generates private key that will be used to encrypt and decrypt subsequent data exchanges between Web Server and Web Client.

Above secret key generated by Web Client will be encrypted using Web Servers public key, any one who has Web Server private key can decrypt the secret key.

After the private key of Web Client gets decrypted by Web Server all the data communication will be encrypted with that secret key and no middleman can read it.



 

Post a Comment

0 Comments