What happens when you type a URL in a browser and press enter?

If you are in any technical profession, This question is a classic and still widely used interview question for many types of positions. Whether you are an engineer, developer, marketer, or even in sales, it is always good to have a basic understanding of what is going on behind our browsers and how information is transferred to our computers via the internet.

The browser is going to analyze the input. Usually, if it has a ".com" it won't think you're typing search terms. And once it decides it must be a URL, it'll check that it has a scheme, if not, it'll add "https://" to the beginning. And since you didn't specify the number of HTTP protocol features, it'll assume defaults, like port 80, GET method.

Topics covered:

• DNS Lookup
• TCP/IP model
• HTTP(S)/SSL/TLS/HSTS
• Server-side: Firewall, Load Balancer, Web Server, Application Server, Database

Domain Name System(DNS)

The Domain Name System is created to keep track of IP addresses for us so we can enter human-readable addresses in our browser’s URL bar instead.

To resolve a domain name = to translate from domain name to its IP address.

When you type?www.holbertonschool.com?in your web browser and hit enter, the request will be forwarded to a DNS server. DNS server will then perform a?DNS lookup?to locate the corresponding IP address.

DNS uses a?client/server architecture?and the?DNS servers are organized in a?hierarchical and distributed fashion. It really just means we the users are the clients requesting some kind of information from a computer somewhere that will serve us what we asked for. And the route in which we take will look similar to an upside-down tree-like structure.

For holbertonschool.com, first, the DNS recursor will contact the root name server. The root name server will redirect it to .com domain name server. .com name server will redirect it to holbertonschool.com name server. Holbertonschool.com name server will find the matching IP address for Holbertonschool.com in its’ DNS records and return it to your DNS recursor which will send it back to your browser.

These requests are sent using small data packets which contain information such as the content of the request and the IP address it is destined for (IP address of the DNS recursor). These packets travel through multiple networking equipment between the client and the server before it reaches the correct DNS server. This equipment use routing tables to figure out which way is the fastest possible way for the packet to reach its’ destination. If these packets get lost you’ll get a request failed error. Otherwise, they will reach the correct DNS server, grab the correct IP address, and come back to your browser.

TCP/IP

TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a suite of communication protocols used to interconnect network devices on the internet. TCP/IP is also used as a communications protocol in a private computer network (an intranet or extranet).

TCP/IP specifies how data is exchanged over the internet by providing end-to-end communications that identify how it should be broken into?packets, addressed, transmitted, routed, and received at the destination. TCP/IP requires little central management and is designed to make networks reliable with the ability to recover automatically from the failure of any device on the network.

The two main protocols in the IP suite serve specific functions. TCP defines how applications can create channels of communication across a network. It also manages how a message is assembled into smaller packets before they are then transmitted over the internet and reassembled in the right order at the destination address.

The 4 layers of the TCP/IP model

TCP/IP functionality is divided into four layers, each of which includes specific protocols:

1. The?application layer?provides applications with standardized data exchange. Its protocols include HTTP, FTP,?Post Office Protocol 3,?Simple Mail Transfer Protocol,?and Simple Network Management Protocol. At the application layer, the payload is the actual application data.
2. The?transport layer?is responsible for maintaining end-to-end communications across the network. TCP handles communications between hosts and provides flow control, multiplexing, and reliability. The transport protocols include TCP and?User Datagram Protocol, which is sometimes used instead of TCP for special purposes.
3. The?network layer, also called the?internet layer, deals with packets and connects independent networks to transport the packets across network boundaries. The network layer protocols are IP and Internet Control Message Protocol, which is used for error reporting.
4. The?physical layer, also known as the?network interface layer?or?data link layer, consists of protocols that operate only on a link -- the network component that interconnects nodes or hosts in the network. The protocols in this lowest layer include Ethernet for local area networks and?Address Resolution Protocol.

HTTP/HTTPS

HTTP: No Data Encryption Implemented

Every URL link that begins with HTTP uses a basic type of “hypertext transfer protocol”. Created by Tim Berners-Lee back in the early 1990s, when the Internet was still in its infancy, this network protocol standard is what allows web browsers and servers to communicate through the exchange of data.

HTTP is also called “a stateless system”, which means that it enables connection on demand. You click on a link, requesting a connection, and your web browser sends this request to the server, which response by opening the page. The quicker the connection is, the faster the data is presented to you.

As an “application layer protocol”, HTTP remains focused on presenting the information but cares less about the way this information travels from one place to another. Unfortunately, this means that HTTP can be?intercepted and potentially altered, making both the information and the information receiver vulnerable.

HTTPS: Encrypted Connections

HTTPS is not the opposite of HTTP, but its younger cousin. The two are essentially the same, in that both of them refer to the same “hypertext transfer protocol” that enables requested web data to be presented on your screen. But, HTTPS is still slightly different, more advanced, and much more secure.

Simply put, HTTPS protocol is an extension of HTTP. That “S” in the abbreviation comes from the word Secure and it is powered by Transport Layer Security (TLS) the successor to?Secure Sockets Layer (SSL), the standard security technology that establishes an encrypted connection between a web server and a browser.

Without HTTPS, any data you enter into the site (such as your username/password, credit card or bank details, any other form submission data, etc.) will be sent plaintext and therefore susceptible to interception or eavesdropping. For this reason, you should always check that a site is using HTTPS before you enter any information.

In addition to encrypting the data transmitted between the server and your browser, TLS also authenticates the server you are connecting to and protects that transmitted data from tampering.

SSL / TLS

Without a secured connection, communication between client and server is vulnerable. SSL is a security protocol that establishes a secure connection between a client and server.

SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details. The two systems can be a server and a client (for example, a shopping website and browser) or server to server (for example, an application with personally identifiable information or with payroll information).

Notice the protocol stated on the left is?HTTPS?as opposed to?HTTP.?HTTPS?uses the same?HTTP?protocol but with an added?SSL/TLS encryption. It’s another way to access our website.

In order for this to work, both the browser and the server need?SSL Certificates. Since holbertonschool.com is an SSL-secured website, we will need an SSL Certificate and establish the connection through an?SSL Handshake.

How does an SSL certificate work?

1. SSL starts to work after the TCP connection is established, initiating what is called an SSL handshake.

2. The server sends its certificate to the user along with a number of specifications (including which version of SSL/TLS and which encryption methods to use, etc.).

3. The user then checks the validity of the certificate, and selects the highest level of encryption that can be supported by both parties and starts a secure session using these methods. There are a good number of sets of methods available with various strengths - they are called cipher suites.

4. To guarantee the integrity and authenticity of all messages transferred, SSL and TLS protocols also include an authentication process using message authentication codes (MAC). All of this sounds lengthy and complicated but in reality, it's achieved almost instantaneously.

Firewall

A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet. A firewall’s main purpose is to allow non-threatening traffic in and to keep dangerous traffic out.

TCP network breaks data into chunks (packets). Along with data, a packet will have a header including control information such as source address, a destination address, connection state, etc. (The packet receiver must send out a confirmation to the sender upon receiving a packet).

Types of Firewalls

Packet filtering

• A small amount of data is analyzed and distributed according to the filter’s standards.

Proxy service

• A network security system that protects while filtering messages at the application layer.

Stateful inspection

• Dynamic packet filtering that monitors active connections to determine which network packets to allow through the Firewall.

Next-Generation Firewall (NGFW)

• Deep packet inspection Firewall with the application-level inspection.

What Firewalls Do?

A Firewall is a necessary part of any security architecture and takes the guesswork out of host level protections and entrusts them to your network security device. Firewalls, and especially Next-Generation Firewalls, focus on blocking malware and application-layer attacks, along with an integrated intrusion prevention system (IPS), these Next-Generation Firewalls can react quickly and seamlessly to detect and react to outside attacks across the whole network. They can set policies to better defend your network and carry out quick assessments to detect invasive or suspicious activity, like malware, and shut it down.

Load Balancer

After a packet makes it past the firewall, it is likely to encounter a load balancer. The job of a load balancer is to…. balance loads. When you have a single server handling all client requests, a large volume of traffic may overwork the server and cause delays /connection issues. The lonely server becomes a single point of failure in this case — if the server is down for whatever reason, users will no longer be able to access the website. Having a load balancer means workload can be distributed across servers. If one fails, others will carry on. Load balancers handle?HTTP, HTTPS, TCP,?and?UDP?traffic. They manage traffic by load balancing algorithms and server health checks.

Web Server, Application Server, Database

Afterload balancer selected and forwarded our request to a server, our?HTTP request?will be processed by its web server.

Server VS Web Server:

A?server?is a computer designed to?process requests and deliver data?to other computers over a local network or the internet.

Web servers?supply the web content?for web browsers; what the browser requests, the webserver delivers through Internet network connections.

Static VS dynamic content:

Static content: already processed(HTML pages, images, etc) file and need not further processing. A web server can directly retrieve data from the codebase if static content is requested.

Dynamic content: needs to be compiled/process into an HTML file first before the webserver can process it.

If the client requests a dynamic file, the webserver will need to forward the request to an application server to process the dynamic content into HTML and retrieve data from the database if needed. Once processed, the application server can communicate and return the processed content to the webserver.

Application servers?host and execute applications and can be used to communicate and extract data from a database A database is a data repository that stores information. An Application server accesses a database using SQL (Structured Query Language) through data access drivers.

Once the content is processed, the web server will reply to the client with the requested content and an HTTP response. The?status code?within the HTTP response’s header will indicate whether the request was successfully completed.

And finally, you will be greeted with the domain homepage.