Web Server

Basic operations
 Web Server
• The main job of a Web server is to respond to
requests from Web client computers by providing
resources.
• There are 3 components of a Web server:
– Hardware
– Operating system software
– Web server software

2
 Web Server
On the hardware side
• Web server computers
– More memory, larger hard disk drives, and faster
processors than typical PCs
• A web server stores a website's component files
and delivers them to the end-user's device.
• It is connected to the Internet and can be
accessed through a domain name like mozilla.org.
 Web Server
• On the software side, a web server includes
several parts that
– control how web users access hosted files
– generates and transmits responses to client
requests for Web resources.
 Web Server
At the most basic level:
– Whenever a browser needs a file hosted on a web
server, the browser requests the file via HTTP.
– When the request reaches the correct web server
(hardware), the HTTP server (software) sends the
requested document back, also through HTTP.
 HTTP
• HTTP is the protocol which the browser and
web servers communicate by.
• HTTP is short for Hyper Text Transfer Protocol.
• The web browser (client) initiates the
communication by opening a TCP/IP connection
to the web server, and sending an HTTP request
via the open connection.
• The web server responds by sending an HTTP
response back.
 HTTP Request Types
• Request methods
– Get
• Get (retrieves) information from a server
• i.e: retrieve HTML document or image, fetch search
results
– Post
• Post (sends) data to a server
• i.e: authentication information, form data.
 Web Server Response
 The server can generate the response message
in a variety of ways:
 The server simply retrieves the file associated
with the URL and returns the contents to the
client.
 The server may invoke a script that
communicates with other servers or a back-end
database to construct the response message.
Accessing web servers
 Two-Tier Client/Server Architecture

• Two-tier client/server architecture has one client and

one server

10
 Three-Tier and N-Tier Client/Server
Architectures
Three-tier architecture
Extends two-tier architecture to allow additional processing (e.g.,
collection of data from a database) before responses to requests are
made

N-tier architectures
Higher-order architectures

11
Steps in Handling a Client Request
 A Web server proceeds through the following
steps in handling an HTTP request:
 Read and parse the HTTP request message
for example GET the resource /foo.html
 Translate the URL to a file name
for example the resource be located in the base directory
such as /www, where the URL
http://www.bar.com/foo/index.html corresponds to
the file of www/foo/index.html
 Determine whether the request is authorized
 Generate and transmit the response to the
requesting client
 Access Control
• A Web server may limit which users can access
certain resources. Access control requires a
combination of authentication and
authorization.
– Authentication identifies the user who originated
the request.
– Authorization determines which users have access
to a particular resource.
 Authentication
• Most client-server systems authenticate a user
by asking for a name and password.
• Web server must perform authentication for
every request for a resource that has access
restrictions.
• The server returns an HTTP response that
indicates that the request requires authorization.
• The response also identifies what kind of
authentication is required.
 Authorization
 To control access to Web resources, the server must
employ an authorization policy.
 A policy typically expressed in terms of an access control
list that enumerates the users who are granted or denied
access to the resources.
 In addition to checking the user name, the server may
allow or deny access to the resource based on other
information associated with the HTTP request, such as the
host name or IP address of the requesting client.
 Authenticating HTTP requests can impose a heavy load on
the Web server.
 Types of Web Sites
• A Web site consists of a collection of web pages which are digital
files generally written using HyperText Markup Language (HTML).

• Intranets: Corporate networks that house internal memos,

corporate policy handbooks, and a variety of other corporate
documents
• Extranets: Intranets that allow authorized parties outside the
company to access information stored in the system
• Transaction-processing sites: Commerce sites that must be
available 24 hours a day, seven days a week
• Content-delivery sites: Deliver content such as news, histories,
summaries, and other digital information

16
 Virtual hosting
• A virtual host can run more than one website at a time.
Configure it properly, and you'll have one machine that can
load two, three, or more websites.
• When we think about the internet, we think in terms of
singularity. One website address resolves to one machine that
holds all the content. Virtual hosting turns this idea on its
head.
• The main benefit to virtual hosting is it allows companies to
host multiple websites (each with their own name and
content) on a single server. This method allows companies to
pay less, as they're sharing costs with many other
organizations.
• Virtual hosts are used in two main ways:
• External sales: Companies like GoDaddy and Wix
host multiple websites on their servers.
About 330,000 web hosting providers like this are
available worldwide. They all offer some type of
virtual web server.
• Internal traffic: Companies with an external-facing
website and an internal-facing intranet might use a
virtual host. They don't need two servers for this
traffic.
 Host types
• Someone who wants to visit your website types in an
address and hopes to end up in the right destination.
Virtual servers handle that query in a few different ways.
• You could base your virtual server on:
• Internet protocol (IP) address. Use a different IP for each
domain, but point them to one server. Allow that one
server to resolve multiple IP addresses.
• Name. Use one IP for all domains on the server. During
connection, ask your visitors which site they'd like to visit.
After that query, resolve the visit to the proper site.
• Port. Assign each website to a different port on the server.
 Drawbacks
• Drawbacks of these methods include:
• Delays. Choose the name system, and some
browsers will struggle to authenticate the site.
Your visitors could be told your site is not secure,
or others may wait long periods for your site to
load.
• Complexity. It takes little coding to set up IP
addresses for each site, but you may run out of
available IP addresses to use. And you must keep
track of which address corresponds to each site.