Web Applications Architecture Review Part 1

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
2 hours 5 minutes
Difficulty
Beginner
CEU/CPE
3
Video Transcription
00:00
Hello, everyone, and welcome back to the course.
00:03
After a brief introduction in the last video, we can start our review
00:08
first, we'll review the Web applications, architecture and its components.
00:12
Let's start with a question.
00:14
Check this affirmation.
00:16
Web applications are examples of client server model applications.
00:20
Is this information true or false?
00:24
This information is true.
00:26
We will discuss the client server model during this video.
00:29
Let's check the learning objectives of this video.
00:33
The learning objectives of this video are to review the Web application Architecture ER and the client server model.
00:39
We will review Web application components like the Web server and clients
00:44
to start.
00:45
Let's define what a Web application is.
00:49
According to Wikipedia, a Web app is a client server application that runs in a Web browser.
00:55
The Web applications can be static or dynamic, with many features. One example of a static page is text basis or just images.
01:03
And the dynamic Web page contains a lot of scripts to change the Web page,
01:07
for example,
01:08
for two different users, the Web server can send different Web pages. It happens because the scripts identify the user.
01:15
Advertising content is a good example.
01:19
The same Web page can contain different ads for different users. That's why we say dynamic
01:23
social networks and Internet banking are good examples of dynamic pages
01:29
for each user. The social network or the Internet banking page will display different content.
01:34
Usually the dynamic content is controlled by an application server.
01:40
You will see later in this video that the application server is one of the components of modern Web applications.
01:47
Some more definitions.
01:49
Do you know what all these things are?
01:52
Internet,
01:53
a huge network composed of many other smaller networks.
01:57
For example, your cell phone is inside a smaller network, and it connects to the Internet.
02:02
Www or the World Wide Web is a specific portion of the Internet that host websites or Web pages.
02:09
It's also known as the Web
02:13
HTML,
02:15
the default language to build Web pages and Web applications.
02:17
Even if you've heard about PHP or dot net
02:21
all those languages use HTML toe work
02:24
and http
02:27
The protocol used to transmit messages by www
02:30
It's the protocol the client uses to talk with the Web server
02:36
Web application Architecture ER uses the client server model.
02:38
It's composed of two components.
02:40
The client making requests and the server answering the requests.
02:46
The request uses http protocol.
02:50
The process is like this.
02:52
We have a Web browser that request some information
02:55
it uses the http to request from the Web server.
02:59
The Web server answers the request using http, too.
03:05
With the diversity of the Internet and the increased number of services offered,
03:08
the Web application has evolved.
03:10
The number of dynamic Web pages increased Ah, lot, though it's not as common to have multi layer applications.
03:19
The clients talk with the first layer, the presentation layer that contains the Web server.
03:23
This Web server often talks with an application server.
03:29
In addition
03:30
to handle the data, it's going to use a database server as one of the components.
03:35
For example,
03:36
for a banking application, the Web server will show the Web pages.
03:39
The application server will run the processes to calculate your savings, and the database will store your name, account and savings amount.
03:47
Depending on the Web application, the Web server can talk with the application server and the database server.
03:55
Although
03:57
the client should not connect to the application or database servers,
04:00
all the communication with the client is handled by the Web server.
04:04
Nothing.
04:05
How many people access the same Web page at the same time?
04:10
Do you think that Onley one Web server can handle all the requests for information?
04:15
By the end of 2018, we had around 4.3 billion people who access the Web
04:20
to answer all of those requests. The number of servers is high. To answer all these requests, a load balanced solution is used to share the workload on the main servers.
04:31
More servers are included on all layers.
04:34
That's how it's possible for so many people to access the same resource is at the same time.
04:44
Now let's talk about Web clients.
04:46
The Web server has the Web page, and it's waiting for the request for these pages.
04:51
The client request the page to the Web server. A request sent to the Web server is a Web client job known as a user agent.
05:00
Web browsers are the most commonly known.
05:02
You use Web browsers on your computer and on your mobile phone.
05:05
Some examples are Microsoft Edge, Mozilla Firefox, Google Chrome.
05:12
Although other programs can make the same http requests as the Web browsers,
05:17
some examples are end cat tell Net curl and w get
05:23
This is easy because http is text base.
05:27
You will see learning this course. That request is some text with comments.
05:32
Here are some examples of telnet requests and Firefox
05:39
to clarify.
05:40
Let's explore the Telenet command
05:44
on a limits machine We will access to Cyberia Page using Telnet.
05:47
If successful, it will show that you are connected to Sai Buri.
05:51
In this moment, the Web server is waiting for the http request to be answered.
05:57
If we send to the server and incorrect request,
06:00
it will answer with
06:00
bad request.
06:04
Let's see one more example.
06:06
Let's try to access the Sai Buri Web page.
06:10
If you use Firefox or another Web browser, you'll get a nice picture with an error.
06:15
If you do the same, using w get you will get the same error. But in text format,
06:20
the request is the same. The answer is the same,
06:24
but how the answer is displayed is different.
06:27
W Get is a common software for Linux systems.
06:30
Let's see w get working
06:34
w get can be considered as a text basis Web browser.
06:39
First,
06:40
we will request the Sai Buri Web page.
06:43
You can see here that it worked.
06:45
Now let's request the same Web page as the example,
06:48
the Web server answered,
06:50
but
06:51
you can see the 404 error.
06:55
The basic difference between Tell Net and W get is that with Till Net, you need to craft all the requests Telnet will not send. Http request to the Web server.
07:04
W Get is like a browser. It will send the request
07:09
after talking about clients and user agents.
07:13
The next important Web application component is the Web server.
07:17
As I said before, the Web servers are responsible for answering the clients requests.
07:25
The most common Web servers today are Apache, N G I X and Microsoft Internet Information Services.
07:31
They have some differences, but they all do the expected job of a Web server.
07:36
Throughout our course, the differences will be in the logs.
07:40
If we talk about the full configurations of logging Apache at N. G. I X logs look almost the same.
07:46
Microsoft I s has a different log structure, though
07:50
we will show this difference in the next videos,
07:53
you can get more information about the Web servers on each of the listed websites.
07:57
Let's do some questions
08:03
Post assessment question
08:05
complete the sentence is
08:07
you can pause the video if you'd like
08:11
the correct sentences. W W W uses the protocol http to transmit messages through computer networks.
08:20
It uses the client server model to operate
08:24
Mozilla Firefox, Google Chrome and Microsoft Edge are examples of Web browsers.
08:28
There are programs that make requests to Web servers like Apache and JX and Microsoft I. I. S
08:35
The second answer is
08:37
Get is an example of http Method and 200 is an example of http Status Code
08:43
Video Review.
08:46
In this video, we talked about Web application architecture ER and the client server model.
08:50
We also talked about some definitions of user agents and Web servers.
08:56
In the next video, we will focus on http status codes and http methods.
09:01
We will also do a brief review of TCP slash ip protocols.
Up Next
Identifying Web Attacks Through Logs

This course will review web application infrastructure, web servers, and the logs associated with them. We will also simulate 10 attack scenarios and identify the attack through logs that are generated by the web server.

Instructed By