TCP/IP

I’ll first take you through the TCP/IP model.

TCP (Transmission Control Protocol) is a predefined set of rules that specifies how computers should communicate. I like to call it a handshake. When computers communicate to each other, eg when requesting/serving a web page, they first have to agree on the type of communication that they’ll use. When you visit a website, the protocol that is used is Hyper Text Transfer Protocol, this tells the computers what type and how the information should be transmitted between the two computers.

IP(Internet Protocol) is used to identify each computer that is connected to the internet. Each computer has a unique set of numbers to represent it, called an IP address. So before two computers communicate, the IP checks the addresses and confirms that it is indeed the right computers (thanks to ip addresses).

Now that we have that out of the way. Let’s jump right into it:

1. Domain Name System

Domain names are what you type in when you want to visit a particular site. Like www.stanceray.com. These are in text form and are easy for humans to read. The contents of a site are usually stored on a server (physical computer or a software). Each computer has its own unique ip address. So when you want to visit a site like stanceray.com, the browser has to know what server hosts/stores the contents of that website.

It does this using a Domain Name System. A DNS simply maps domains to their respective ip addresses. It does that and tells the browser, “hey, 192.122.21.11 is where you should check for stanceray.com.” Now that the browser knows where to query for the entered domain, it goes to the next step, which is to request the appropriate web server for the contents of the entered domain.

2. Web Servers

Websites are stored on what we call servers. The servers host all the contents (HTML, CSS, Images etc) of a website. Our browser, already knowing what computer stores the website/web page requested, sends a http request to that computer/server, asking for the contents of that web page. The server then sends a response back to the browser.

2.1 Application Servers

Web servers mostly deliver static content, ie, same content is shown to all the users. In cases where the contents of a site need to be unique to users, the application server does that job. It handles the logic and communicates to servers like the database server, to make this happen.

2.2 Database/ Database Servers

A database server manages storage/retrieval/updating, among other functionalities, of the information stored in them. For instance, an e-commerce store would want to store information like customer name, customer orders, customer address, etc. This information is usually stored in a database. So a database server simply makes it easy to access this information when needed.

3.HTTPS (Hyper Text Transfer Protocol Secure) && SSL (Secure Socket Layer) Termination

When you visit most sites, you’ll see a padlock/lock icon next to their domain names on the address bar. That simply means that any information you send from that domain, eg via forms, is secured, and can’t be 'accessed' by an attacker. (That's not the best word. Bear with me.) This is vital for sites like e-commerce shops that require you to enter details like your credit card information. The details you enter on that site are encrypted and can only be decrypted by the server hosting the website. This method of decrypting and possibly encrypting messages, by the server, is called SSL termination.

Another concept that we’ll look at is called Load balancing.

4. Load Balancing

Imagine an e-commerce site like amazon. They have like hundreds of thousands of users visiting the site in a day. We mentioned earlier that websites/web pages are stored on a web server and when the browser requests for that web page, it has to pass the request to the server which in turn responds with the web page’s contents. Now imagine hundreds of thousands of users each trying to access amazon at the same time. The server will definitely be overwhelmed with that number of requests, and will lead to slower responses to the user, or even crash. I can’t imagine typing amazon.com in my browser and having to wait 10+ minutes before I start seeing the contents of that site.

This is where the concept of load balancing comes in. A site like amazon doesn’t just have one server, but thousands, each serving the same content. What happens is that when a user goes on to search for amazon.com on their browser, the request is sent to a load balancer(server), which then, based on the algorithm defined in it, decides on the server that should process that request. That way no one server will be bombarded with too many requests when other servers are free. Amazing, right.

We may also want to configure our web servers to be able to filter/block incoming requests based on some predefined rules, before passing the request to the server. This is achieved by a web server firewall. Let's touch on that.

Firewall

As mentioned above, a firewall is a software or a physical computer that filters and blocks incoming and outgoing network traffic based on some predefined rules. A firewall helps prevent unauthorized access, malicious attacks , etc, on our servers, by checking the incoming requests from browsers.

Click here to see a diagram illustration of the flow above ie. when a user requests a web page.

Conclusion

In this post, we’ve covered how web pages are served. We’ve just brushed the surface but I hope you now have a better idea of what goes on under the hood when you type in a website’s domain that you want to visit. Adios :')