UNIT 2

PART 1

Web Server: Functions, Architecture

and Types

In today’s world, the internet has become a necessity for almost every
aspect of our lives. The Internet is used for communication, entertainment,
education, and even business. Behind every website we visit, there is a
web server that delivers the website’s content to our devices. This article
discusses what is web server, its functions, what is web server architecture,
its types, working, and what is web server security.

What is Web Server?

A web server is simply a computer that stores, processes, and distributes

website files to web browsers. Web servers are made up of hardware and
software that use the Hypertext Transfer Protocol (HTTP) to respond to
requests made by web users via the World Wide Web. Web servers use
this process to load and send the requested page to the user’s browser,
such as Google Chrome. To handle files for email or storage, web servers
also use Simple Mail Transfer Protocol (SMTP) and File Transfer Protocol
(FTP).

So, what is web server made up of? On the hardware side, a web server
connects to the internet, allowing it to share data or files with other devices
that are also connected. This data can take many different forms, like
HTML files, images, JavaScript files, and CSS stylesheets. Web server
hardware contains web server software as well.

Web server software governs how web users access hosted files. It is
made up of several parts, one of which is an HTTP server. An HTTP server
is a piece of software that understands HTTP queries and URLs.

Functions of a Web Server

The functions of a web server can be broken down into several categories:

1. Storing and delivering web content:

The primary function of a web server is to store and deliver web content
 such as web pages, images, videos, and other files to clients that request
them. This involves processing incoming requests, retrieving the requested
content from the server’s storage devices, and sending the content back to
the client in the form of an HTTP response.

2. Handling HTTP requests:

A web server handles HTTP (Hypertext Transfer Protocol) requests from
clients or users. The HTTP protocol is the standard protocol used for
communication between web servers and clients. When a client requests a
web page or other web content, the request is sent to the web server over
the internet. The web server then processes the request, retrieves the
requested content from its storage devices, and sends it back to the client
in the form of an HTTP response.

3. Generating responses to HTTP requests:

A web server generates responses to HTTP requests by running web
applications that generate dynamic content based on user input and other
factors. For example, an e-commerce website may use a web application
to generate web pages dynamically that display product information,
pricing, and availability based on user searches or selections.

4. Managing and maintaining web applications:

A web server manages and maintains web applications that provide various
services such as e-commerce, social networking, and content
management. This involves installing, configuring, and updating web
application software, monitoring performance, and troubleshooting issues
that may arise.

5. Supporting multiple clients simultaneously:

A web server supports multiple clients or users simultaneously by handling
multiple HTTP requests at the same time. This is achieved through the use
of multi-threading or other techniques that allow the server to process
requests in parallel.

What is Web Server Architecture?

Web server architecture defines the structure, components, and

configurations of a web server, which are required for it to function properly
and deliver web-based services to clients. It is a crucial aspect of web
server management and plays a significant role in determining the
performance, reliability, and security of a web server.

The two main approaches to web server architecture are the concurrent
approach and the single-process-event-driven approach.
1. Concurrent Approach:
In the concurrent approach, the web server creates a separate process or
thread for each client request. Each process or thread handles one request
at a time, allowing multiple requests to be processed simultaneously.

For example, suppose a web server receives five client requests

simultaneously. In the concurrent approach, the server will create five
separate processes or threads to handle each request concurrently. This
approach is often used in traditional web servers like Apache, which can
handle a large number of concurrent connections.

2. Single-Process-Event-Driven Approach:
In the single-process-event-driven approach, the web server uses a single
process or thread to handle all client requests. The server waits for events
(e.g., new connection requests, and incoming data) and handles them one
at a time in a non-blocking manner.

For example, suppose a web server receives five client requests

simultaneously. In the single-process-event-driven approach, the server will
use a single process or thread to handle all five requests one at a time, in a
non-blocking manner. This approach is often used in modern web servers
like Node.js, which are designed to handle large numbers of lightweight
connections efficiently.

Types of Web Servers

Here are some of the most common types of web servers:

1. Apache HTTP Server:

Apache HTTP Server is an open-source web server software that is widely
used around the world. It is known for its high performance, stability, and
flexibility, and supports a wide range of operating systems, including Linux,
Windows, and macOS.

2. Microsoft Internet Information Services (IIS):

IIS is a web server software developed by Microsoft that is designed to run
on Windows operating systems. It is known for its scalability, security
features, and support for Microsoft technologies such as ASP.NET and
Microsoft SQL Server.

3. Nginx:
Nginx is a high-performance, open-source web server software that is
known for its speed, scalability, and ease of use. It is often used as a
reverse proxy server or load balancer and can be used to serve static and
dynamic content.
4. Lighttpd:
Lighttpd is a lightweight, open-source web server software that is designed
for high performance and low resource consumption. It is known for its
speed, stability, and security features.

How Does a Web Server Work?

Here’s a basic overview of how a web server works:

1. The client device (e.g., a web browser) sends a request to the web server
for a particular resource, such as a web page.
2. The web server receives the request and processes it, checking if the
requested resource exists and is accessible.
3. If the resource is available, the web server retrieves it and sends it back to
the client’s device as a response.
4. The client device receives the response and displays the resource (e.g.,
web page) to the user.

This process typically involves several layers of communication protocols,

including HTTP (Hypertext Transfer Protocol), TCP/IP (Transmission
Control Protocol/Internet Protocol), and DNS (Domain Name System).

Web servers can also perform other functions such as database

management, session management, and security checks to ensure that the
requested resources are delivered securely and efficiently.

Static Web Server vs Dynamic Web Server

Static and dynamic web servers are two types of web servers that differ in
how they deliver web content.

Static web servers serve pre-existing web pages that do not change in real-
time. These web pages are usually written in HTML and CSS and are
stored on the web server’s file system. Whenever a client device requests a
page, the web server retrieves the requested file and sends it back to the
client as a response.

Dynamic web servers, on the other hand, generate web pages on the fly in
response to user requests. These servers use programming languages like
PHP, Python, and Ruby to build web pages from databases, APIs, and
other sources of dynamic data. Whenever a client device requests a page,
the server runs the necessary code to generate the page and sends it back
to the client as a response.
 Uses of Web Server

Web servers have a wide range of uses and applications, as they are the
backbone of the internet and the means by which web resources are
delivered to users. Here are some of the most common uses of web
servers:

1. Hosting websites: Web servers are used to host websites, making them
accessible to users around the world. They serve up HTML, CSS,
JavaScript, and other web resources that make up web pages.
2. Running web applications: Web servers are used to host web
applications that run in the browser, such as online shopping carts, social
media platforms, and productivity tools.

3. Streaming media: Web servers are used to stream audio and video
content over the internet, allowing users to access music, movies, and
other multimedia resources.
4. Managing online databases: Web servers are used to manage online
databases, allowing users to access and manipulate data via web-based
interfaces.
5. Cloud computing: Web servers are used to power cloud computing
services, allowing users to access computing resources and data storage
via the Internet.
6. Internet of Things (IoT): Web servers are used to power IoT devices,
allowing them to communicate and exchange data over the Internet.

7. File sharing: Web servers are used to share files over the internet,
allowing users to access and download files such as documents, images,
and videos.
What is Web Server Security?

Web server security refers to the measures and practices used to protect a
web server from unauthorized access, malicious attacks, and other security
threats. A secure web server ensures that sensitive data and resources are
protected from unauthorized access, ensuring the confidentiality, integrity,
and availability of web resources.

Here are some common web server security measures:

1. Regular software updates: It’s important to keep the web server software
and applications up-to-date to address any security vulnerabilities or bugs.
2. Secure configuration: The web server should be configured with strong
security settings, such as secure file permissions, SSL/TLS encryption, and
secure authentication mechanisms.
3. Access control: The web server should be configured to restrict access to
sensitive data and resources, including password-protecting directories and
using firewall rules.

4. Security testing: Regular security testing and vulnerability scanning

should be performed to identify and address any potential security threats.
5. Monitoring and logging: Monitoring the web server logs and activity can
help detect and respond to security incidents in a timely manner.
6. Backup and recovery: Regular backups of the web server and data
should be performed to ensure quick recovery in case of data loss or other
security incidents.

CGI: Common Gateway Interface

CGI stands for Common Gateway Interface. It is a technology that enables a web
browser to submit forms and connect to programs over a web server. It is the best way
for a web server to send forms and connect to programs on the server. CGI can also
be described as a set of standards or rules where a program or script can send data
back to the web server where it can be processed.

So, it is an interface for running executables via a web server. In general, it means
taking an HTTP request and passing it to an application in order to deliver a
dynamically generated HTML page back to a browser. However, any program that can
run on a web server is usable as a CGI script. Generally, CGI programs are used to
generate pages dynamically or to perform some other action when someone fills out
an HTML form and clicks the submit button. CGI applications can be written in any
programming language, some of which are Perl, PHP, and Python.
How CGI works?

The browser sends a URL that causes the AOL server to use CGI to run a program. The
browser runs on a client machine and exchanges information with a Web server using
the HyperText Transfer Protocol or HTTP. Depending on the type of request from the
browser, the web server may provide a document from its own document directory or
executes a CGI program which means it passes the input from the reader (browser) to
the program and output from the program back to the reader (browser). Thus, CGI
works as a gateway between the AOL server and the program you write.

The steps involved in creating a dynamic HTML document on the fly through CGI
are as follows:

1. The client sends an HTTP request through a URL.

2. From the URL, the Web server decides that it should activate the gateway program
listed in the URL and send any parameters passed via the URL to that program.
3. The gateway program processes the information and returns HTML text to the Web
server. The Web server adds a MIME header and sends the HTML text to the Web
browser.
4. The web browser renders the document received from the web server.

Qualities of CGI
The following list includes some of the advantages of CGI:

o It is a very well-supported and defined standard.

o Typically, CGI scripts are written in Perl, C, or even just a straightforward shell script.
 o The technology called CGI communicates with HTML.
o CGI is currently the fastest way to build a counter; hence it should be used.
o The CGI standard is typically the one that works best with modern browsers.

Benefits of CGI:
o Currently, CGI is easier to use than Java for performing complex operations.
o Using pre-written code is usually simpler than writing your own.
o As long as they adhere to the definition, CGI allows programmes to be created in any
language and on any platform.
o There are many CGI-based counters and CGI programmes that can carry out basic
functions.

API

API stands for Application Programming Interface. API is actually some kind
of interface which is having a set of functions. These set of functions will
allow programmers to acquire some specific features or the data of an
application.
Web API is an API as the name suggests, it can be accessed over the web
using the HTTP protocol. It is a framework that helps you to create and
develop HTTP based RESTFUL services. The web API can be developed by
using different technologies such as java, ASP.NET, etc. Web API is used in
either a web server or a web browser. Basically Web API is a web
development concept. It is limited to Web Application’s client-side and also it
does not include a web server or web browser details. If an application is to
be used on a distributed system and to provide services on different devices
like laptops, mobiles, etc then web API services are used. Web API is the
enhanced form of the web application.
ASP.NET Web API: ASP.NET stands for Active Server Pages.NET. It is
mostly used for creating web pages and web technologies. It is considered a
very important tool for developers to build dynamic web pages using
languages like C# and Visual Basic. ASP.NET Web API is a framework that
helps you to build services by making it easy to reach a wide range of clients
including browsers, mobiles, tablets, etc. With the help of ASP.NET, you can
use the same framework and same patterns for creating web pages and
services both.
Where to use Web API?

1. Web APIs are very useful in implementation of RESTFUL web services

using .NET framework.
2. Web API helps in enabling the development of HTTP services to reach
out to client entities like browser, devices or tablets.
3. ASP.NET Web API can be used with MVC for any type of application.
4. A web API can help you develop ASP.NET application via AJAX.
5. Hence, web API makes it easier for the developers to build an ASP.NET
application that is compatible with any browser and almost any device.
Why to Choose Web API?
• A Web API services are preferable over other services to use with a
native application that does not support SOAP but require web services.
• For creating resource-oriented services, the web API services are the
best to choose. By using HTTP or restful service, these services are
established.
• If you want good performance and fast development of services, the web
API services are very helpful.
• For developing light weighted and maintainable web services, web API
services are really helpful to develop that service. It supports any text
pattern like JSON, XML etc.
• The devices that have tight bandwidth or having a limitation in bandwidth,
then the Web API services are the best for those devices.
How to use Web API? Web API receives requests from different types of
client devices like mobile, laptop, etc, and then sends those requests to the
webserver to process those requests and returns the desired output to the
client. Web API is a System to System interaction, in which the data or
information from one system can be accessed by another system, after the
completion of execution the resultant data or we can say as output is shown
to the viewer.
API provides data to its programmers which is made available to outside
users. When programmers decide to make some of their data available to
the public, they “expose endpoints, ” meaning they publish a portion of the
language they have used to build their program. Other programmers can
then extract the data from the application by building URLs or using HTTP
clients to request data from those endpoints.
Server Side: A server-side web API is a programmatic interface. It consists
of one or more publicly exposed endpoints. It defines a request-response
message system. Mashup is a web application that is a server-side API that
combines several server-side APIs. Webhook is a server-side API that takes
input as a uniform resource identifier.
Client Side: Client Side web APIs target standardized JavaScript bindings.
Google created their native client architecture designed to replace native
plug-ins with secure native sandboxed extensions and applications.
Steps to use Web API:
• Most APIs require an API key. Once you find an API you want to play
with, look in the documentation for access requirements. Most APIs will
ask you to complete an identity verification, like signing in with your
Google account. You’ll get a unique string of letters and numbers to use
when accessing the API.
• The easiest way to start using an API is by finding an HTTP client online,
like REST-Client, Postman, or Paw. These ready-made tools help you
structure your requests to access existing APIs with the API key you
received. You’ll still need to know some of the syntaxes from the
documentation, but there is very little coding knowledge required.
• The next best way to pull data from an API is by building a URL from
existing API documentation.
Popular API Examples:
1. Google Maps API’s: Google Maps APIs allows developers to use Google
Maps on Webpages using a JavaScript or Flash interface.
2. YouTube API’s: Google’s API lets developers integrate YouTube and
functionality into websites or applications. YouTube APIs include the
YouTube analytics API, YouTube Data API, YouTube live streaming API,
YouTube Player APIs and others.
3. The Flickr APIs: It is used by developers to access the Flick photo
sharing community data.
4. Twitter APIs: Twitter offers two APIs, the REST API allows developers to
access core Twitter data and the search API provides methods for
developers to interact with twitter search and trends data.
What is Client-side Scripting?
Client-side scripting generates code that may be executed on the client end without
needing server-side processing. These scripts are typically embedded into HTML text.
Client-side scripting may be utilized to check the user's form for problems before
submitting it and to change the content based on the user input. The web needs three
components to function: client, database, and server.

The client-side scripting may significantly reduce server demand. It is intended to be

utilized as a scripting language with a web browser as the host program.
The HTML and CSS are delivered as plain text when a user uses a browser to request
a webpage from the server, and the browser understands and renders the web content
at the client end.

Client-side Scripting Languages

There are various client-side scripting languages. Some main client-side scripting
languages are as follows:

HTML

It is not a scripting language; it is a markup language. However, it serves as the basic

language for client-side web development, also referred to as front-end. The presence
of hypertext on a page denotes its hyperlinks. The markup language uses tags to
define the structure and layout. It is a programming language that is mainly used to
design a web page's structure and layout.
CSS

CSS is an abbreviation for Cascading Style Sheets. It provides a technique for creating
graphic elements that help a web application's appearance look more appealing. A
style tag in a web page defines all the specifics regarding the web page's presentation,
including its border styles, image styles, colour, font styles, borders, format, font size,
margins, padding, etc.

JavaScript

It is a client-side scripting language designed for a specific purpose, but several

JavaScript frameworks are already utilized as server-side scripting technologies.

VBScript

VBScript is based on Visual Basic, which was created by Microsoft in 1996. It is a

scripting programming language that is lightweight, fast, and easy to learn. It is not a
OOPs language but is similar to JavaScript.

Features of Client-side Scripting

There are various features of client-side scripting. Some main features of the client-
side scripting are as follows:

1. It is intended to execute code on which a web browser runs, and the results of the
inputs are delivered to an accessible user.
2. Client-side scripting enables greater involvement with clients via the browser and is
used to validate programs and functionality based on the request.
3. The client does not include any contact with the server in client-side scripting; the only
interaction is receiving the requested data

What is Server-side Scripting?

Server-side scripting is a programming technique for creating code that may run
software on the server side. In other words, server-side scripting is any scripting
method that may operate on a web server. At the server end, actions such as website
customization, dynamic changes in website content, response creation to user
requests, database access, and many more are carried out.

Server-side scripting creates a communication channel between a server and a client.

Previously, CGI (Common Gateway Interface) scripts were used to implement server-
side scripting, and CGI was created to execute scripts written in computer languages
such as C++ or Perl on websites.

The server-side is made up of three parts: the database, the server, the APIs, and the
backend web software written in the server-side scripting language. When a browser
requests a page with server-side scripting, the web server evaluates the script before
delivering the page to the browser. In this case, script processing may entail collecting
information from a database, performing simple computations, or selecting the
relevant material to be shown on the client end. The output is provided to the web
browser when the script is processed. The web server hides the scripts from the end
user until the content is delivered, making the data and source code safer.

Server-side scripting languages

There are various server-side scripting languages. Some main server-side scripting
languages are as follows:

Python

It is an open-source language that is very powerful and easy to learn. It is suitable for
beginners because it is simple to learn and read. It is believed to be used by Google
and YouTube. It is a OOPs language with dynamic typing and data structures. It has
grown to be one of the most popular languages for both quick application
development and web development.

PHP

It is an open-source server-side scripting programming language mainly designed for

web apps and is the most utilized scripting language. It allows you to retrieve and
manipulate data from a database and is utilized along with SQL to query the database.
It is a fast and simple language to learn and develop, and Facebook, Wikipedia, and
WordPress utilize it.

Ruby

It is a free and open-source programming language that was developed and firstly
introduced in the early 1990s. It is a dynamic language that is simple to read and write
and an OOPs language that is interpreted as it runs. It has evolved continuously since
its development and is one of the most utilized web development languages.

Features of Server-side Scripting

There are various features of server-side scripting. Some main features of the server-
side scripting are as follows:
1. It is connected with data access, error handling, and data processing speed.
2. It is processed and interacts with the server.
3. Using a highly integrated programming language makes it more secure than client-
side scripting.