tryhackme: What are some of the most important other components in a web server?

-

1. Load Balancers


When a website's traffic starts getting quite large or is running an application that needs to have high availability, one web server might no longer do the job.


Load balancers provide two main features, ensuring high traffic websites can handle the load and providing a failover if a server becomes unresponsive.


When the user request a website with a load balancer, the load balancer wil receive your request first and then forward it to one of the multiple servers behind it. 


The load balancer uses different algorithms to help it decide which server is best to deal with the request. 


 A couple of examples of these algorithms are round-robin which sends it to each server in turn.


 Or weighted, which checks how many requests a server is currently dealing with and sends it to the least busy server.


 Load balancers also perform periodic checks with each server to ensure they are running correctly, this is called a health check.


 If a server doesn't respond appropriately or doesn't respond, the load balancer will stop sending traffic until it responds appropriately again.


 https://static-labs.tryhackme.cloud/sites/puttingittogether/loadbalancer.png


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------

2.  CDN (Content Delivery Networks)


 A CDN can be an excellent resource for cutting down traffic to a busy website. 


 It allows you to host static files from your website, such a JavaScript, CSS, Images, Videos, and host them across thousands of servers all over the world.


 When a user requests one of the hosted files, the CDN works out where the nearest server is physically located and sends the request there instead of potentially the other side of the world.


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------

3.  Databases 


 Often websites will need a way of storing information for their users. 


 Webservers can communicate with databases to store and recall data from them. 


 Databases can range from just a simple plain text file up to complex clusters of multiple servers providing speed and resilience. 


 common databases: MySQL, MSSQL, MongoDB, GraphQL, Postgres.


 There s more and each has its specific features.


--------------------------------------------------------------------------------------------------------------------------------------------------------------------------

4.  WAF (Web Application Firewall)


 A WAF sits between your web request and the web server.


 Its primary purpose is to protect the webserver from cyber attacks such as hacking / Dos\Ddos. 


 It analyses the web requests for common attack techniques, whether the request is from a real browser rather than a bot. 


 It also checks if an excessive amount of web requests are being sent by utilising something called rate limiting, which will only allow a certain amount of requests from an IP per second.


 If a request is deemed a potential attack, it will be dropped and never sent to the webserver. 

 --------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Comments

Post a Comment

Popular posts from this blog

Common Network Commands: Ping

-
Ping Command Overview The `ping` command is a fundamental utility used in network diagnostics. It checks the reachability of a host on an Internet Protocol (IP) network and measures the round-trip time for messages sent from the originating host to a destination computer. The command uses the Internet Control Message Protocol (ICMP) to send echo request packets and listens for echo replies. Origin and Development The `ping` command was developed in 1983 by Mike Muuss as a diagnostic tool for the ARPANET. Since then, it has become a standard utility available on most operating systems, including Linux, Windows, and macOS, making it an essential tool for network administrators and users. Basic Functionality The `ping` command serves several functions: - Tests connectivity to a specified host. - Measures the time taken for packets to travel to the destination and back. - Provides statistics about packet loss and round-trip time. Key Command Syntax 1. Basic Syntax:    ```    ping [options]
Read more

Common Network Commands: Route

-
Route Command Overview The route command is a part of the older net-tools package used in Linux systems for viewing and manipulating the IP routing table. It provides information about how packets are routed through the network and allows for the addition, deletion, and modification of routes. Origin and Development Historically, the route command has been a primary tool for managing network routing in Linux. However, it has largely been replaced by the ip command from the iproute2 package, which offers more advanced features and capabilities. Despite this, route is still commonly used in many Linux distributions for its simplicity and familiarity. Basic Functionality The route command serves several functions: - Displays the current routing table entries. - Shows destination networks, gateways, and associated interfaces. - Allows for the addition, deletion, and modification of routes. Key Command Syntax 1. Display Routing Table:    ```    route -n    ```    The -n option prevents DNS
Read more

John The Ripper

-
John the Ripper  Is one of the most well known, well-loved and versatile hash cracking tools out there. It combines a fast cracking speed, with an extraordinary range of compatible hash types. This room will assume no previous knowledge, so we must first cover some basic terms and concepts before we move into practical hash cracking. A hash is a way of taking a piece of data of any length and  representing it in another form that is a fixed length. This masks the original value of the data. This is done by running the original data through a hashing algorithm. There are many popular hashing algorithms, such as MD4,MD5, SHA1 and NTLM. Lets try and show this with an example: If we take "polo", a string of 4 characters- and run it through an MD5 hashing algorithm, we end up with an output of: b53759f3ce692de7aff1b5779d3964da a standard 32 character MD5 hash. Likewise, if we take "polomints", a string of 9 characters- and run it through the same MD5 hashing algorithm, w
Read more