Web applications have become a part of our lives and play a key role in our everyday life on the internet. We shop online, do banking transactions, and whatnot; we do almost everything on the internet. This exposes the applications to risk from malicious users, and it also poses risk to the users of those applications. It is important to understand these risks and protect applications from attacks by hackers or malware.
Understanding the Web Application Architecture.
Most dynamic Web Applications rely primarily on these components:
The client is usually a web browser, but other clients can be used, such as the cURL command-line program.
The server is the component that processes the requests sent by the client. When the client is a web browser, the server serves web pages in response to the client's requests. In some cases, an application server is also involved in this chain to process the client requests. In such cases, the web server just forwards the request to the application server.
A database is considered a storage backend, which is used to save and retrieve data.
On the server side, many technologies can be used, as described below:
- A web server like Apache, Lighttpd, Nginx, IIS…
- Application servers like Tomcat, JBoss, Oracle Application server…
- Programming languages such as PHP, Java, Ruby, Python, ASP, C#, etc. These languages can also be used as part of frameworks like Ruby on Rails, .NET MVC, and Django.
The database can be located on the same server as the web server or on a different one.
A few examples of database backends are:
- Simple files
- Relational databases like MySQL, Oracle, SQL Server, and PostgreSQL.
- Other databases like MongoDB and CouchDB.
- Directories like OpenLDAP or Active Directory.
An application can use more than one storage backend. For example, some applications use LDAP to store users and their credentials and use SQL Server to store information.