Hello guys, today I am going to be answering the question: 0x11. What happens when you type (https://www.google.com) in your browser and press Enter

Introduction

Greetings! Today we'll explore the complexity of URL such as "https://www.google.com" from your browser to the web server. Before we go lets have a look at some of the concepts outlined below;

DNS request

TCP/IP

Firewall

HTTPS/SSL

Load-balancer

Web server

Application server

Database

Structure (Anatomy) of URL (Uniform Resource Locator)

URL is a unique identifier used to locate a resource on the internet. It comprises of: protocol, domain name, port number, file path, etc, that guide the web browser on how and where to obtain an internet resource. For more details click here . ?

Subdomain name: The subdomain allows website to separate and organize content for the particular function. For example, www

Second level domain: It is unique part of the domain name. It presents the brand name. For example. example

Top level domain: This is the extension of the domain name. It defines the purpose of the domain name. For example, .com, .tech, .org

Root domain: The main part of your website domain. For example, example.com

DNS request

What is DNS?

Domain Name System is the phone book of the internet. Humans access information online through?domain names, like simpleclick.tech . While web browsers interact through Internet Protocol (IP) Addresses. Therefore, DNS translates domain names to?IP addresses enabling web browsers to load internet resources. Each device has unique IP Address that is use by other machines to find the device. DNS servers eliminate the work of memorizing the IP Addresses.

?

How does DNS work?

The process of DNS resolution involves converting a hostname (such as www.example.com ) into a computer-friendly IP address (such as 192.168.1.1). The IP Address is used to find the appropriate device on the internet.

?

?

There are 4 DNS servers involved in loading a webpage:

1. DNS recursor ?- The recursor can be thought of as a librarian who is asked to go find a particular book somewhere in a library. The DNS recursor is a server designed to receive queries from client machines through applications; web browsers. Typically the recursor is then responsible for making additional requests in order to satisfy the client’s DNS query.
2. ?Root nameserver?- The?root server ?is the first step in translating (resolving) human readable host names into IP addresses. It can be thought of like an index in a library that points to different racks of books - typically it serves as a reference to other more specific locations.
3. TLD nameserver ?- The top level domain server (TLD ) can be thought of as a specific rack of books in a library. This nameserver is the next step in the search for a specific IP address, and it hosts the last portion of a hostname (In example.com , the TLD server is “com”).
4. Authoritative nameserver ?- This final nameserver can be thought of as a dictionary on a rack of books, in which a specific name can be translated into its definition. The authoritative nameserver is the last stop in the nameserver query. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname back to the DNS Recursor (the librarian) that made the initial request.

Steps in DNS lookup

1.????? A user types ‘example.com ’ into a web browser and the query travels into the Internet and is received by a DNS recursive resolver. More at here .

?2.????? The resolver then queries a DNS root nameserver (.).

?3.????? The root server then responds to the resolver with the address of a Top Level Domain (TLD) DNS server (such as .com or .net), which stores the information for its domains. When searching for example.com , our request is pointed toward the .com TLD.

?4.????? The resolver then makes a request to the .com TLD.

?5.????? The TLD server then responds with the IP address of the domain’s nameserver, example.com .

?6.????? Lastly, the recursive resolver sends a query to the domain’s nameserver.

?7.????? The IP address for example.com is then returned to the resolver from the nameserver.

?8.????? The DNS resolver then responds to the web browser with the IP address of the domain requested initially. Once the 8 steps of the DNS lookup have returned the IP address for example.com , the browser is able to make the request for the web page:

?9.????? The browser makes a?HTTP ?request to the IP address.

?10.? The server at that IP returns the webpage to be rendered in the browser (step 10).

TCP protocol/IP

TCP protocol

TCP refers to the Transmission Control Protocol. It is a communication standard that enables computer programs and network devices to exchange information. ?It is designed to send?packets ?across the internet and ensure the successful delivery of data and messages over networks.

IP address

The need of IP Address

Internet Protocol Address is used to uniquely identify a network device for data transmission. It makes sure that data is transferred to the required device on the network.

Internal working of TCP (TCP 3-Way Handshake process)

?Step 1 (SYN): In the first step, the client wants to establish a connection with a server, so it sends a segment with SYN(Synchronize Sequence Number) which informs the server that the client is likely to start communication and with what sequence number it starts segments with.

?Step 2 (SYN + ACK): Server responds to the client request with SYN-ACK signal bits set. Acknowledgement(ACK) signifies the response of the segment it received and SYN signifies with what sequence number it is likely to start the segments with.

?Step 3 (ACK): In the final part client acknowledges the response of the server and they both establish a reliable connection with which they will start the actual data transfer. More on (https://www.geeksforgeeks.org/tcp-3-way-handshake-process/ )

Firewall

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Firewalls have been a first line of defense in network security for over 25 years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet.?

A firewall can be hardware, software, software-as-a service (SaaS), public cloud, or private cloud (virtual). For more details click here .

https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html

Why Are Firewalls Important?

Their primary function is to establish a barrier between secured internal networks and potential untrusted external sources. Firewall has several benefits which include;

• Monitoring and filtering network traffic
• Preventing virus infiltration
• Blocking unauthorized access
• Upholding data privacy
• Enhancing compliance adherence
• Enhanced user identity protection
• Control over application use
• Encrypted traffic security without privacy compromise
• Advanced threat protection
• Automated threat intelligence sharing
• Zero trust principles

For more details click here .

HTTPS/SSL

What is HTTPS?

Hypertext transfer protocol secure (HTTPS) is the secure version of?HTTP , which is the primary protocol used to send data between a web browser and a website. HTTPS is encrypted in order to increase security of data transfer. This is particularly important when users transmit sensitive data, such as by logging into a bank account or health insurance provider. Websites are required to use https for secure connection among the network devices.

?How does HTTPS work?

HTTPS uses an encryption protocol to encrypt communications. The protocol is called Transport Layer Security (TLS) formally known as Secure Socket Layer (SSL). This protocol secures communications by using what’s known as an asymmetric public key infrastructure. This type of security system uses two different keys to encrypt communications between two parties:

The private key - this key is controlled by the owner of a website and it’s kept, as the reader may have speculated, private. This key lives on a web server and is used to decrypt information encrypted by the public key.?

The public key - this key is available to everyone who wants to interact with the server in a way that’s secure. Information that’s encrypted by the public key can only be decrypted by the private key. For more details click here

Why is HTTPS important? What happens if a website doesn’t have HTTPS?

HTTPS prevents websites from having their information broadcast in a way that’s easily being hacked on the network. When information is sent over regular HTTP it is easily get “sniffed” by hackers making communication unsecure. Areas of attack are; medium, such as public Wi-Fi are highly vulnerable to interception. With HTTPS, traffic is encrypted such that even if the packets are sniffed they cannot be easily deciphered. For more details click here .

Load-balancer

What actually happen on Load-balancing (Load balancer)?

Load balancing is the method of distributing network traffic equally across a pool of resources that support an application. Modern applications must process millions of users simultaneously and return the correct text, videos, images, and other data to each user in a fast and reliable manner. To handle such high volumes of traffic, most applications have many resource servers with duplicate data between them. A load balancer is a device that sits between the user and the server group and acts as an invisible facilitator, ensuring that all resource servers are used equally.

?

Benefits of load balancing?

It offers several advantages which include;

1.Application availability

Server failure or maintenance can increase application downtime, making your application unavailable to visitors. Load balancers increase the fault tolerance of your systems by automatically detecting server problems and redirecting client traffic to available servers. You can use load balancing to make these tasks easier:

• Run application server maintenance or upgrades without application downtime
• Provide automatic disaster recovery to backup sites
• Perform health checks and prevent issues that can cause downtime

?2.??????? Application scalability

You can use load balancers to direct network traffic intelligently among multiple servers. Your applications can handle thousands of client requests because load balancing does the following:

• Prevents traffic bottlenecks at any one server
• Predicts application traffic so that you can add or remove different servers, if needed
• Adds redundancy to your system so that you can scale with confidence

?3.??????? Application performance

Load balancers improve application performance by increasing response time and reducing network latency. They perform several critical tasks such as the following:

• Distribute the load evenly between servers to improve application performance
• Redirect client requests to a geographically closer server to reduce latency

• Ensure the reliability and performance of physical and virtual computing resources. For more details click here .

Web server

?What is a web server?

A web server is a computer system capable of delivering web content to end users over the internet via a web browser.

?How web servers work

The end user processes a request via a web browser installed on a web server. The communication between a web server or browser and the end user takes place using Hypertext Transfer Protocol (HTTP). The primary role of a web server is to store, process, and deliver requested information or webpages to end users. It uses:

1.???Physical Storage:?All website data is stored on a physical web server to ensure its safety. When an end user enters the URL of your website or searches it using a keyword on a browser, a request is generated and sent to the web server to process the data.

2.???Web browser:?The role of web browsers such as Firefox, Chrome, or Internet Explorer is to find the web server on which your website data is located. Once the browser finds your server, it reads the request and processes the information.

?Basic functionalities of web server include;

Store and protect website data:?A web server can store and protect critical website data from unauthorized users.

Control bandwidth to regulate network traffic:?A web server can help eliminate the downtime caused by high web traffic. Web hosts can set bandwidth to manage the rate of data transmission over the internet and minimize the excess network traffic.

Server-side web scripting:?The server-side web scripting feature enables users to create dynamic web pages using scripting languages such as Ruby, Python, and PHP.

Virtual hosting:?Web servers can also be used as virtual servers to run multiple applications, websites, data, and other services.

?Some of the web server software include;

Linux web server software: Linux server is built on an open-source Linux operating system that enables you to deliver content, applications, and services to end users. Linux servers are flexible, consistent, and high-performing servers with snapshot capabilities, optimized security, and scalable cloud technologies. These servers help address the increasing requirements of web services, applications, database management, and more.

NGINX web server software: NGINX is a popular open-source web server that runs and utilizes resources efficiently. It can handle huge volumes of traffic. It offers reverse proxy, HTTP caching services, email proxy, and load balancing. NGINX is a scalable, lightweight, and powerful web server capable of handling concurrent connections and is ideal for delivering static content.

Apache web server software: Apache web server or Apache HTTP server is an open-source server that processes user requests and delivers web assets and content via HTTP. This web server uses the MySQL database to store critical information in an easily readable format. With the help of the PHP programming language, Apache can create and serve dynamic web content. For more details click here .

https://www.solarwinds.com/resources/it-glossary/web-server

Application server

Simple definition of application server

?An application server?is?a software framework that provides an environment for developing, deploying, and running business applications and web services.

?Application server plays a crucial role in web application architecture by acting as an intermediary between the front-end user interface and the back-end systems. It enables the execution of business logic, data processing, and communication with external resources. More click here .

What lies behind the application server (Internal working of application server)?

An application server extends the capabilities of a web server by supporting dynamic content generation, application logic, and integration with various resources. It provides a runtime environment where you can run application code and interact with other software components, like messaging systems and databases. It uses business logic to transform data more meaningfully than a web server.

?When you attempt to access interactive content on a website, the process works as follows:

?1.??The browser uses the URL to finds the server’s IP address

2.???The browser sends an HTTP request for information

3.???The web server transfers the request to the application server

4.???The application server applies business logic and communicates with other servers and third-party systems to fulfill the request

5.???The application server renders a new HTML page and returns it as a response to the web server

6.???The web server returns the response to the browser

7.???The browser displays the information to you

?

For example, on an ecommerce website, when you add items to your cart, or check out items, you interact with the application server. For more details click here .

Database

Definition

?A database is an organized collection of structured information, or data, typically stored electronically in a computer system. A database is usually controlled by a?database management system (DBMS) . Together, the data and the DBMS, along with the applications that are associated with them, are referred to as a database system, often shortened to just database.

?Data within the most common types of databases in operation today is typically modeled in rows and columns in a series of tables to make processing and data querying efficient. The data can then be easily accessed, managed, modified, updated, controlled, and organized. Most databases use structured query language (SQL) for writing and querying data.

Types of Databases

There are many different types of databases. The best database for a specific organization depends on how the organization intends to use the data. Some of them include;

1.??Relational databases

Relational databases ?became dominant in the 1980s. Items in a relational database are organized as a set of tables with columns and rows. Relational database technology provides the most efficient and flexible way to access structured information.

2.??Object-oriented databases

Information in an object-oriented database is represented in the form of objects, as in object-oriented programming.

3.? Distributed databases

A distributed database consists of two or more files located in different sites. The database may be stored on multiple computers, located in the same physical location, or scattered over different networks. For more details click here .

Key Advantages of DBMS

The following are some of the advantages of database

1.??Improved Data Integrity and Consistency: In a DBMS, data integrity ensures the consistency and accuracy of data within the database. Data consistency is maintained in a DBMS through the enforcement of rules and constraints on the data, helping to ensure its accuracy and reliability. This allows for the avoidance of data inconsistencies and errors within the database.

2.??Enhanced Data Security: DBMS enhances data security through encryption and access control measures. Encryption plays a significant role in enhancing data security within DBMS by effectively mitigating data breaches, upholding compliance with regulations and standards, and bolstering the overall data security posture. Some of the security mechanisms are Role-Based Access Control (RBAC), and Attribute-Based Access Control (ABAC) to enhance data security.

3.? Efficient Data Access and Sharing: DBMS adopt efficient indexing techniques and robust querying capabilities which benefit different organizations/businesses as follows:

• Rapid data access
• Significantly enhancing the performance and speed of data retrieval operations
• Concurrent access to the most updated data for database users
• Quick response to changes and efficient data sharing. For more details click here .

Now that we have gained general knowledge of

• DNS request
• TCP/IP
• Firewall
• HTTPS/SSL
• Load-balancer
• Web server
• Application server
• Database

Let’s get back to the question

What happens when you type google.com in your browser and press Enter

1. So the first thing that happens is that your browser looks up in its cache to see if that website was visited before and the IP address is known.?
2. If it can't find the IP address for the URL requested then it asks your operating system to locate the website. The first place your operating system is going to check for the address of the URL you specified is in the host file. If the URL is not found inside this file, then the OS will make a DNS request to find the IP Address of the web page.
3. The first step is to ask the Resolver (or Internet Service Provider) server to look up its cache to see if it knows the IP Address, if the Resolver does not know then it asks the root server to ask the .COM TLD (Top Level Domain) server - if your URL ends in .net then the TLD server would be .NET and so on - the TLD server will again check in its cache to see if the requested IP Address is there.?
4. If not, then it will have at least one of the authoritative name servers associated with that URL, and after going to the Name Server, it will return the IP Address associated with your URL. All this execute in few seconds
5. After the OS has the IP Address and gives it to the browser, it then makes a GET (a type of HTTP Method) to the said IP Address. When the request is made the browser again makes the request to the OS which then, in turn, packs the request in the TCP traffic protocol and it is sent to the IP Address.?
6. On its way, it is checked by both the OS' and the server's firewall to make sure that there are no security violations. And upon receiving the request the server (usually a load balancer that directs traffic to all available servers for that website) sends a response with the IP Address of the chosen server along with the SSL (Secure Sockets Layer) certificate to initiate a secure session (HTTPS).?
7. Finally, the chosen server then sends the HTML, CSS, and Javascript files (If any) back to the OS who in turn gives it to the browser to interpret it. And then you get your website as you know it. For more details click here .

?Conclusion

It can be concluded that the journey of URL have more things to explore. This question is centered on the backend of a URL (Internal workings of a URL). Therefore, websites are tend to have strong backend infrastructure for optimal performance

References:

https://www.spaceotechnologies.com/glossary/tech-terms/what-is-application-server/

https://takeuforward.org/computer-network/what-happens-when-you-enter-google-com/

https://scalegrid.io/blog/advantages-of-dbms/#:~:text=The%20main%20advantage%20of%20using,essential%20tool%20for%20modern%20organizations .

https://www.oracle.com/database/what-is-database/#:~:text=A%20database%20is%20an%20organized,database%20management%20system%20(DBMS) .

https://aws.amazon.com/compare/the-difference-between-web-server-and-application-server/#:~:text=An%20application%20server%20extends%20the,like%20messaging%20systems%20and%20databases .

https://aws.amazon.com/what-is/load-balancing/#:~:text=A%20load%20balancer%20is%20a,resource%20servers%20are%20used%20equally .

https://www.paloaltonetworks.com/cyberpedia/what-are-the-benefits-of-a-firewall#:~:text=A%20firewall%20filters%20incoming%20and,protect%20network%20data%20and%20resources .

https://takeuforward.org/computer-network/what-happens-when-you-enter-google-com/