You have probably been typing a web address e.g. ‘www.google.com’ in a web browser before now and just waited for the page to load its contents before you begin to use the website. I would like to give you a high-level breakdown of what happens when you type in a web address and hit enter on your computer. We would walk through the various points of action needed to pass through to render the page result of the web address you entered.
STEP 0 - URL PARSING:
This is the first call to action and it is straightforward as you only need to input a string content(web address) and wait till the browser returns the page that matches the web address entered. Web browsers work on Internet Protocol (IP) addresses. It is possible to pass the IP address of a website and get the same results as when you parse the full string address but remembering ‘www.facebook.com’ is much easier than remembering ‘157.240.192.0/24’ and this is just one of the many websites we frequent every day. Thus, we map IP addresses with names called Domain Name which makes web browsing very convenient.
STEP 1 - DNS LOOKUP:
At this point, we assume that our web browser has failed to match the given web address(URL) from action 0 in either its own or the operating system’s cache, our web browser sends this request off to the closet resolver server which is usually your ISP(Internet Service Provider) to be resolved into its IP through the Doman Name System.
The resolver contacts both the top-level domain server(.com) and domain registrar before effectively resolver the hostname into its corresponding IP address. When this is all said and done, our web browser now knows that the IP address corresponding to ‘www.goggle.com’ is ‘8.8.8.8’. Now our web browser is prepared to take the next action.
STEP 2 - TCP/IP:
Having settled the IP address with the corresponding hostname, our web browser establishes a connection with the host server of the IP address entered. This communication between the browser and server happens over what is referred to as Transmission Control Protocol/Internet Protocol (TCP/IP). This particular communication protocol is not mandatory, any working protocol goes but this is a standard when it comes to web infrastructure and the OSI model.
TCP, the transport-layer protocol, is responsible for establishing the connection between the client which in this case is our web browser and server. TCP is defined by its reliability and packet (ie. request/response data) delivery in TCP is guaranteed, even if it takes more time. An alternative transport-layer protocol which is the User Datagram Package (UDP) is faster, but less reliable as packet delivery is not double-checked. UDP is typical of streaming services where instant content takes priority; TCP is used almost everywhere else.
STEP 3 — SSL
Our browser now knows the IP address of the server it needs to communicate with and the protocol to follow while communication is ongoing, but first it undergoes a security check. The first thing the web browser sends to the resolved IP address of is a message containing its Transport Layer Security (TLS) version along with a list of supported cipher algorithms and compression methods. TLS is a symmetric cryptography encryption method used to keep communicated data private, authenticated, and reliable. The method is an improved version of what was originally the Secure Sockets Layer (SSL). While TLS is the standard web cryptography protocol today, SSL remains the representative of the “S” in HTTPS, despite its deprecation in 2015.
Upon receiving this initial communication, the server chooses its preferred TLS algorithm and method and responds with a certificate and a security approval including the server’s TLS public key. Back at the client side which is the browser it uses this public key to encrypt a pre-master key that is sent back to the server.
If the public key sent to our browser is authentic, then the server can decrypt the pre-master key with its TLS private key. Upon proof of successful decryption, the browser and server have effectively established a trusted connection and symmetric method of sending messages back and forth.
This entire security process is referred to as the TLS handshake and is responsible for that cool green lock displayed in your browser whenever you connect to a website through HTTPS.
STEP 4 — HTTPS
HTTP stands for HyperText Transfer Protocol, a stateless, asymmetric request-response client-server protocol that overarches TCP/IP. Where TCP/IP defines the method of communication, HTTP defines how computers interact with each other. For instance, after completing the TLS handshake, our web browser sends an HTTP request message to the server. There are many types of request methods which are POST, GET, PUT, PATCH, and DELETE and these methods correspond to create, read, update, and delete (or CRUD) operations, respectively.
For our entry of ‘https://www.google.com’ qualifies as a GET request method which renders a web page for a web client from a server so our web browser has sent a TLS-encrypted HTTP GET requested to the resolved IP address of the URL to receive the corresponding web page as a result.
STEP 5 - LOAD BALANCER:
A load balancer is an intermediary server responsible for handling this traffic-splitting work. A load balancer is software that can be configured either on the same server as that hosting web content or on a server all its own. One such common and free load balancer software is HAProxy.
HTTP request traffic is split up by a program such as HAProxy according to a load-balancing algorithm put in place. There are various types of load-balancing algorithms, each with its own advantages and disadvantages.
STEP 6 - FIREWALL:
Firewalls are hardware, software, or a combination of both that filter all traffic coming in and out of a server. TLS is effective for preventing data from being intercepted mid-transmission. Yet, it assumes that the received data is coming from a trusted source. Firewalls are put in place to make no such assumptions and utilize a combination of packet filters, application gateways, circuit-level gateways, and proxy servers to make certain that a packet does not contain viruses or malicious hardware.
After the successful TLS handshake, our browser came to an agreement with the load balancer server as to how to encrypt messages as they are passed back and forth. TLS achieves three crucial security purposes which are privacy, integrity, and identification but yet it fails to account for a fourth purpose which is honesty and this is where the firewall service comes into play.
STEP 7 - HOST SERVER:
Alas, our web browser has passed through the various steps above and has hit the web server hosting the desired web URL we plan to visit and the delivery of the web contents are as follow:
A GET request is received by the web server and the server pulls up the file configured at the given location (in our example, the HTML file configured at the root (/) of the machine).
If the file to be rendered contains dynamic content, the application server is run. The result of these scripts is inserted into the web page.
If the dynamic content involves stored data, the application server queries from the database server.
The web server delivers the web page.
Top comments (0)