What happens when you type ‘holbertonschool.com’ in your browser and press Enter
Ever wondered what goes on backstage when you are navigating the web in your browser of choice?
You may think accessing a website is just that, accessing like one would any program, yet in that milisecond timeframe that goes by when we press Enter and our targeted website appears, there is a LOT that goes on, which I will try and cover in the following article.
Websites are not something that just plainly exist in the “cloud” — an abstract concept of a place where everything in the internet happens. It is true that such a place exists, and the “cloud” is a new concept that plays an important role, but this storage place where the internet is stored is not invisible nor somewhere “up there”. Everything is stored in actual, phyisical places. *insert amazed emoji here*. So, to better explain what happens when we write a website address on our browsers and press Enter, we should first cover some basic concepts.
What is a server?
A server is a software or hardware that takes in requests and returns responses to such requests over a network. It provides this service to its user or client which might be running in the same or in other computers and therefore achieves communication through the network in the known client/server programming model. Servers can be physical machines, virtual machines or softwares performing this service.
So, every website we know is stored in a server somewhere. The location can be anywhere in the world, and many different servers have different roles in the display of a website.
The way a browser finds where in the world the website you want to find is stored, is through the domain name.
In our example, the domain name of our website is www.holbertonschool.com. A domain name therefore is the address of a website that you type in the browser URL in order to visit that website. Yet, as we know, domain names that we commonly use are very different in length from one another. This is because every domain address we type in is actually a sort of alias for the IP address of the server where that website is hosted. IP addresses are combinations of numbers, and since remembering every address would be very difficult, we use human friendly aliases of words.
There is a specific server in charge of translating what the user types in, into an address — the DNS. The DNS is the Domain Name Server and is a global network of servers in charge of receiving the address and returning the corresponding IP to that address, so that the browser can then find the correct server and display the website.
There are different types of domains and the DNS process is long enough to be covered in an article by itself, but the main steps for this specific case are:
- The user enters the address in the browser URL and presses Enter
- The browser searches in its own cache to see if it has visited this website before
- If the information is not there, then the browser requests the OS to check in the cache to see if the information is there
- If it is not, then the browser calls the Resolver, an intermediate server between the browser and the DNS. It receives the hostname (www.holbertsonschool.com) and tracks down the IP for that hostname.
- If the Resolver cannot -solve- the issue, it will then contact the DNS Root Server and receives details of the TLD Name Server, then Authoritative Name Server and finally receives the IP for that specific website.
- This IP then travels all the way back to the browser, who will then begin the request to the server.
And alllll this, was just a tiny first step only to translate from the written human-friendly address, to the IP address. Remember how it all happens in miliseconds… ?
So we are back at the browser and now, with the IP information, the browser will begin the hunt for the website in the wide, wide, wide web. Every connection is done through specific protocols which are a set of particular rules that determine the conditions of said connection. The browser will connect to the servers in the web through TCP/IP. This stands for Transmission Control Protocol/Internet Protocol and like any other protocol, it is a set of standardized rules that allow the communication through the internet network to happen.
TCP and IP are two separate protocols. TCP is responsible for the data delivery once the IP has been found, and IP is the part that obtains the address to which the data is sent to. In this case it makes sense that the browser uses both, since there is specific data to be sent (the website) to a specific location.
This protocol makes sure that every piece of information is correctly sent. If it were to encounter a problem, then all the information sent would be pulled back, regardless if a certain part was correctly sent, and have to be re-sent. The way it sends data is by breaking it down into small packets and sending them one by one and reassembling them back together in the receivers end. Only if all the packets are correclty sent will the process be done and the output displayed. If at any moment one of the packets fails for some reason, then they are all pulled back, the message is not sent and the process is restarted.
Because of the way TCP transfers data, it ensures that all of the data is sent and nothing is lost along the way. In the case of sending a website, this is important since you need it as a whole to properly function. Other type of services use other protocols. For example live streaming uses the UDP protocol, where data is also divided into packets and they are sent one by one but there are no checks along the way if all the information was properly received, it just keeps sending. This is why during a live stream we can experience lagging or cuts and we do not get a chance to see the part we missed because that information was lost along the way.
So, we have a browser that obtained the IP of the website we want to fetch, we know the data transmission will be done throught the TCP/IP because we want to receive all the information and not lose anything. So, how will the browser make the requests?
This is when yet another protocol comes into place: The HTTP.
HTTP stands for HyperText Transfer Protocol, and is a specific client-server protocol which allows the fetching of resources such as HTML documents (that make up websites). This protocol allows for the request to be initiated by the recipient which in this case is the browser, and will reconstruct the complete document from all the different documents fetched from the server which is hosting them. The HTTP will send the information through TCP in this case — see how they are different protocols doing different things but working together to achieve the desired communication.
HTTP can not only fetch hypertext documents such as HTML but also images and videos or forms where the user can post content through.
Seems pretty straightforward, yet the title of this section says HTTPS and not HTTP… Well, HTTPS is the secure extension of HTTP and that is what the S stands for. SSL stands for Secure Sockets Layer and is a type of digital security that allows encrypted communication between a website and a web browser.
In today’s digitalization where a lot of sensible information is shared through websites such as bank accounts, credit card information and personal information, it is of extreme importance for information to be secure and as far away from a possible leak or hack as possible. This is why the majority of websites use the secure HTTPS and as a user one should be very careful when using websites and making sure the connection is secure before sharing imporant information. The most common way to see if a website is using this type of connection is to check for a small padlock 🔒 beside the URL bar. Always check for this especially when making payments or posting personal information.
HTTP will make the connection through port 80 by default while HTTPS will do so through port 443.
So far we have obtained the IP address from the website URL, we have established a secure connection and defined how the information will be transferred. Now, can we finally go get it !?
Sure we can, and to do so, we must go through the bouncer… I mean the balancer!
As in cities, website traffic can increase or decrease during the day, certain times of the week or even the year. And website traffic works just like street traffic — an accumulation of people wanting to get to the same place, at the same time.
Like I said before, websites are hosted, “stored” in physical servers somewhere in the world. Yet, a good website will not only be stored in one, but it will be mirrored in several servers around the world, depending on how much traffic it is used to receiving. We’ll go more into that later, but basically there are several places where this website can be found, so that many people can find it at the same time and avoid website traffic. The “bouncer” in charge of saying which user goes to fetch the website to which server is the Load Balancer. It will read the servers and redirect the traffic accordingly to every server, ensuring the best distribution of traffic to avoid build ups and to maximize request speed. Also, if for some reason a server is failing the load balancer will detect this and redirect the traffic to the remaining servers until the broken one is fixed.
This provides the flexibility to add or subtract servers or purposely turning off one in order to do maintainance while still ensuring the functionality of the website in the remaining servers. This is because if for some reason the users cannot access a certain website it could mean monetary loss and a bad user experience, two things any website service owner wants to avoid at all costs.
The load balancer distributes the traffic by applying one of the many distribution algorithms available. There are many, but the default one is called Round Robin and what it does it sends one user to every server before starting again sending one to each from the first to the last and so forth.
But… Can we get to the website already?
So, after a lot of steps yet very few miliseconds, we are finally inside the network, with the correct directions to go and find the desired website.
Nowadays, websites are more and more like applications instead of static websites like they used to be before.
This means that by being web applications, the information is personalized to and with the user, and it is not only a generic website common for whoever opens it.
What this means is that different parts of the website will be stored in different servers and alltogether will make up the final product.
The web server will store and return static data. This means everything that is common for everyone who uses the website. It could be general information, forms, images, sections… anything that is static and will forever remain as is in the website.
Application server and Database
The application server as opposed to the web server will return whatever is dynamic within the website. This means anything and everything that is personalized in the website. Say for example a certain website will greet you with the text “Hello YourName” when you enter. Well, the “YourName” part will come from the application server.
What this server does is check the Database of your application and retrieve whatever information matches the user, be it by IP, by logged in session or whatever information it uses.
So after bringing up whatever the web server has, the process will continue and call whatever the application server has, who will check the database and return all the data to be used.
As a modern service, it is always better to use the application server together with the web server in order to create interactive and personalized websites that ensure user customization and will display different results depending on the context of the request.
Finally, every step of this whole communication should have firewalls in every server. Firewalls are network security that monitor incoming and outgoing network traffic and allows or blocks data packets based on a set of security protocols. It is an extra set of security to finish ensuring a secure connection and blocking malicious traffic such as viruses and hackers.
There are many types of firewalls using more strict or flexible protocols, yet they all share the same purpose of security and traffic monitoring.
Can you display the website I requested already!?
Okayyyy, so after all of these steps, the website has been retrieved properly. The data then makes it back to the browser who will interpret it and display it accordingly, to the very, very impatient user who was been waiting for approximately two seconds.
It may seem something simple, but there are way more steps to this process than the average user usually knows about, so learning about these things makes it more interesting and can even help you figure out error messages in case there are any.
Hope the whole process is a bit more clear now! :)