In this section, we will explore the true nature of a website. Essentially, a website is an application that is installed on a device or computer, comprised of two primary components: a web server (such as Apache) and a database (such as MySQL).
- The main function of the web server is to comprehend and execute the web application. This application can be developed using various programming languages like Java, Python, PHP, and others, as long as the web server can interpret and run it.
- The web application relies on a database to store its data, which is stored on a server computer. This server is connected to the internet and has a unique IP address, making it accessible to anyone who wants to access or ping it.
When a web application is accessed, it is executed on the web server installed on our server, rather than on the client’s computer. As a result, each time a page is requested or the web application is run, it is executed on the web server. After the execution is complete, the web server sends an HTML page that is ready for the target client or user to read, as depicted in the diagram below:
When using a computer or phone to access Google by typing “google.com” in the URL, the name is translated into an IP address through a DNS server. This server is responsible for translating domain names for websites, such as .com or .edu, into their respective IP addresses. Upon requesting access to Google, the DNS server will translate the name to the relevant IP address, and execute the requested page using all of the aforementioned applications. Finally, the server will deliver the completed HTML page to the user.
After the program is executed on the server, the output is an HTML document written in a markup language. This is significant because if we want to execute anything on the web server, like a shell, we must send it in a language that the web server can comprehend, such as PHP. Once the code is executed on the server, it will run on the target machine.
Irrespective of the user accessing the web pages, the web shell, provided it is written in a language that the server recognizes such as Java, will execute on the server and not on the user’s computer, granting access to the server rather than the user who accessed it.
Alternatively, certain websites utilize JavaScript as a client-side language. Should we encounter a website that permits JavaScript code to run, the code will be executed on the client-side rather than the web server. Although it is feasible to inject the code into the server, any resulting attacks will transpire on the client’s computer. It is therefore critical to differentiate between client-side and server-side languages.
Thank you for selecting this article to gain insight into the question, “What is a Website?”. For additional information on Ethical Hacking, be sure to follow us @ tutorials.freshersnow.com on a daily basis.