How Websites Work


Joshua Suksakorn

When a client views a website, the client's web browser connects to the server to request the information, and the server sends the information back to the client's browser. A website consists of two main parts: Front End (Client-Side) and Back End (Server-Side).

Putting It All Together

1. Request the website in your browser.
2. Find the web server's IP address with DNS.
3. Connect to the web server.
4. View the website.

Other Components

- Load Balancers: help websites and apps handle a lot of traffic without crashing.
- CDN (Content Delivery Networks): make websites load faster by delivering content from servers that are close to the user.
- Databases: store and manage all the information on a website.
- WAF (Web Application Firewalls): protect websites from hackers and other online threats.

Introduction to DNS

DNS (Domain Name System): maps between the name of a website, such as tryhackme.com, and its IP address (104.26.10.229), so that people can use the name instead of remembering the number.

Domain Hierarchy

- Top-Level Domain (TLD): the rightmost part of the domain name, such as .com and .org.
- Second-Level Domain (SLD): the part immediately before the TLD, such as tryhackme.
- Subdomain: the part added before the SLD, such as admin in admin.tryhackme.com.

Record Types

DNS converts a domain name to an address (IP address) that a computer can understand. The main record types are:

- A: locates that domain name on the internet (IPv4).
- AAAA: the same as A, but for IPv6.
- CNAME: points one domain name to another domain name.
- MX: tells which server handles email for that domain. Each MX record has a priority, which ensures that emails are still forwarded even if the main server is down.
- TXT: free-text fields where data can be entered. They help verify the identity of the correct email server and verify domain ownership for online services.

Practical

Disclaimer: All of these examples are from the DNS in Detail room.

Question 1: What is the CNAME of shop.website.thm?
```bash
$ nslookup --type=CNAME shop.website.thm
# shop.website.thm canonical name = shops.myshopify.com
```
Answer 1: shops.myshopify.com
Question 2: What is the value of the TXT record of website.thm?
```bash
$ nslookup --type=TXT website.thm
# website.thm text = "THM{7012BBA60997F35A9516C2E16D2944FF}"
```
Answer 2: THM{7012BBA60997F35A9516C2E16D2944FF}
Question 3: What is the numerical priority value for the MX record?
```bash
$ nslookup --type=MX website.thm
# website.thm mail exchanger = 30 alt4.aspmx.l.google.com
```
Answer 3: 30
Question 4: What is the IP address for the A record of www.website.thm?
```bash
$ nslookup --type=A www.website.thm
# Name: www.website.thm
# Address: 10.10.10.10
```
Answer 4: 10.10.10.10

Introduction to HTTP

Disclaimer: I learned all of these HTTP topics from the HTTP in Detail room.

- HTTP: a protocol used to communicate between a computer and a web server to transmit web page information.
- HTTPS: the secure version of HTTP. HTTPS is encrypted, so other people cannot see the data being sent.

Requests and Responses

Example URL: `http://sub.domain.com/blog/artical/search?id=42`
- `http://`: protocol
- `sub`: subdomain
- `domain`: domain name
- `.com`: TLD (Top-Level Domain)
- `/blog/artical/search`: path of the content
- `?id=42`: parameter
Request: To request basic information from the web server, use `GET / HTTP/1.1`; if additional information must be sent, use headers.
- `GET / HTTP/1.1`: asks the server to send back the home page.
- `Host: tryhackme.com`: tells the server that we want to access tryhackme.com.
- `User-Agent: Mozilla/5.0 Firefox/87.0`: tells the server that we are using Firefox version 87.0.
- `Referer: https://tryhackme.com`: tells the server which page we came from previously.

HTTP requests end with a blank line after the headers, which tells the server that the request is complete.

Response: The server's answer to our request. It is what allows us to see the website's pages.
- `HTTP/1.1 200 OK`: the HTTP protocol version is 1.1 and the status code says the request was successful.
- `Server: nginx/1.15.8`: specifies the name and version of the web server.
- `Date: Fri, 09 Apr 2021 13:34:03 GMT`: specifies the date and time at which the server responded.
- `Content-Type: text/html`: specifies the type of data being sent back.
- `Content-Length: 98`: specifies the length of the data returned.

After a blank line, the response carries the body:
```html
<html>
<head>
<title>TryHackMe</title>
</head>
<body>
Welcome To TryHackMe.com
</body>
</html>
```
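
The response structure described above, as an added example (not from the original article or the TryHackMe room): a small Python parser that splits a raw response at the blank line, checks `Content-Length` against the body size in bytes, and notes that the `Server` header discloses a version. `RAW_RESPONSE`, `parse_response` and `check_response` are names made up for this sketch, and the sample bytes are constructed.

```python
# Constructed sample modelled on the response above; not captured traffic.
BODY = (
    b"<html>\n<head>\n<title>TryHackMe</title>\n</head>\n"
    b"<body>\nWelcome To TryHackMe.com\n</body>\n</html>\n"
)
RAW_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"Server: nginx/1.15.8\r\n"
    b"Date: Fri, 09 Apr 2021 13:34:03 GMT\r\n"
    b"Content-Type: text/html\r\n"
    b"Content-Length: " + str(len(BODY)).encode() + b"\r\n"
    b"\r\n" + BODY
)


def parse_response(raw: bytes) -> dict:
    """Split a raw HTTP/1.1 response into status line, headers and body."""
    head, sep, body = raw.partition(b"\r\n\r\n")  # blank line ends the headers
    if not sep:
        raise ValueError("no blank line: headers never terminated")
    lines = head.decode("iso-8859-1").split("\r\n")
    version, code, reason = lines[0].split(" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()  # names are case-insensitive
    return {"version": version, "status": int(code), "reason": reason,
            "headers": headers, "body": body}


def check_response(resp: dict) -> list:
    """Return findings a defender would note about a parsed response."""
    findings = []
    declared = int(resp["headers"].get("content-length", -1))
    actual = len(resp["body"])  # Content-Length counts bytes of the body
    if declared != actual:
        findings.append(f"Content-Length {declared} != body size {actual} bytes")
    server = resp["headers"].get("server", "")
    if any(ch.isdigit() for ch in server):
        findings.append(f"Server header discloses a version: {server}")
    return findings


if __name__ == "__main__":
    parsed = parse_response(RAW_RESPONSE)
    print(parsed["status"], parsed["reason"], parsed["headers"])
    for finding in check_response(parsed):
        print("finding:", finding)
```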

HTTP Methods

HTTP methods are the commands that tell the server what we want it to do with the data on the website.

- GET: used to get data from the web server.
- POST: used to send data to the web server.
- PUT: used to update data on the web server.
- DELETE: used to delete data from the web server.

HTTP Status Code

Status codes are sent back by the server to the web browser to tell it the result of the request.

- 200 OK: The request has succeeded.
- 201 Created: A new resource (like a new user or post) has been successfully created.
- 301 Moved Permanently: This tells the browser to permanently redirect to a new URL.
- 302 Found: This tells the browser to temporarily redirect to a new URL.
- 400 Bad Request: The request was malformed or missing necessary information.
- 401 Unauthorized: Authentication is required to access the resource.
- 403 Forbidden: You don't have permission to access the resource.
- 405 Method Not Allowed: The request method used is not supported for the requested resource.
- 500 Internal Server Error: The server encountered an unexpected condition which prevented it from fulfilling the request.
- 503 Service Unavailable: The server is currently unable to handle the request due to a temporary overload or maintenance.

Headers

Additional information sent to the web server when making a request.

Cookies

Cookies are small data files that a website sends to your device (e.g. computer, smartphone). Their main job is to remember your usage information so that the website can adjust its content and services to better suit your needs.

Example:
- Cookies store a token, which is a secret code that cannot be easily guessed.
- When you log in, the web server sends the token in a cookie.
- When you return to the website, you send the token back to the web server to verify your identity.
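
The token flow in the list above, as an added Python example (not from the original article): the server issues an unguessable token in a cookie at login and looks it up again when the browser sends it back. `SESSIONS`, `login` and `authenticate` are hypothetical names, the in-memory store is an assumption made for the sketch, and the `Secure`, `HttpOnly` and `SameSite` attributes go beyond what the article covers.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}  # hypothetical in-memory session store: token -> username


def login(username: str) -> str:
    """Create a session and return the Set-Cookie header value for it."""
    token = secrets.token_urlsafe(32)  # 32 random bytes from the OS CSPRNG
    SESSIONS[token] = username
    cookie = SimpleCookie()
    cookie["session"] = token
    cookie["session"]["path"] = "/"
    cookie["session"]["secure"] = True      # only sent over HTTPS
    cookie["session"]["httponly"] = True    # not readable from page JavaScript
    cookie["session"]["samesite"] = "Lax"   # withheld on cross-site POST requests
    return cookie["session"].OutputString()


def authenticate(cookie_header: str):
    """Return the username for a request's Cookie header, or None."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    if "session" not in jar:
        return None
    # The token carries no meaning itself; it is only a key into the store.
    return SESSIONS.get(jar["session"].value)


def logout(cookie_header: str) -> None:
    """Invalidate the session server-side so a copied token stops working."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    if "session" in jar:
        SESSIONS.pop(jar["session"].value, None)


if __name__ == "__main__":
    set_cookie = login("thm")
    print("Set-Cookie:", set_cookie)
    sent_back = set_cookie.split(";")[0]   # the browser returns only name=value
    print("authenticated as:", authenticate(sent_back))
    logout(sent_back)
    print("after logout:", authenticate(sent_back))
```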

Making requests

example 1: Make 'GET' request to '/room'
```bash
curl http://tryhackme.com/room
```
url: GET http://tryhackme.com/room
example 2: Make a 'GET' request to '/blog' and set the id parameter to 1 in the URL field
```bash
# Quote the URL so the shell does not treat '?' as a glob character
curl "http://tryhackme.com/blog?id=1"
```
url: GET http://tryhackme.com/blog Parameter id=1
example 3: Make a 'DELETE' request to '/user/1'
```bash
curl -X DELETE http://tryhackme.com/user/1
```
url: DELETE http://tryhackme.com/user/1
example 4: Make a 'PUT' request to '/user/2' with the username parameter set to admin
```bash
curl -X PUT -d 'username=admin' http://tryhackme.com/user/2
```
url: PUT http://tryhackme.com/user/2 Parameter username=admin
example 5: 'POST' the username of thm and a password of letmein to '/login'
```bash
curl -X POST http://tryhackme.com/login -d "username=thm&password=letmein"
```
url: POST http://tryhackme.com/login Parameter username=thm password=letmein