What is HTTP(s)

-

HTTP: HyperText Transfer Protocol

HTTPs: HyperText Transfer Protocol Secure

-------------------------------------------------------

http is what s used whenever we view a website, developed by Tim Berners-Lee and his team between 1989-1991


Http is the set of rules used to communicating with web servers for the transmitting webpage data, could be html images videos .... 


https is the secure version of http. 


The data is encrypted to prevent sniffing attacks on the http connection. 


It also gives us assurances that we are talking to the correct web server and not something impersonating it. ( dns poisoning attack ) 

-----------------------------------------------------------------------------------------------------------------------------

                                                            HTTP Methods

-----------------------------------------------------------------------------------------------------------------------------

Hypertext Transfer Protocol (HTTP) is the protocol that specifies how a web browser and a web server communicate.

HTTP methods are a way for the client to show their intended action when making an HTTP request. 

There are a lot of HTTP methods.

The common ones and most dealt with are GET and POST methods.

-----------------------------------------------------------------------------------------------------------------------------

GET Request

This is used for getting information from a web server.

POST Request 

This is used for submitting data to the web server and potentially creating new records 

PUT Request 

This is used for submitting data to a web server to update information 

DELETE Request 

This is used for deleting information/records from a web server

-----------------------------------------------------------------------------------------------------------------------------

                                                    HTTP Status Codes

-----------------------------------------------------------------------------------------------------------------------------


100-199 - Information Response

There are sent to tell the client: the first part of their request has been accepted and they should continue sending the rest of their request 

These codes are no longer very common. 

--------------------------------------------------

200-299 - Success

This range of status codes is used to tell the client their request was successful. 

--------------------------------------------------

300-399 - Redirection

These are used to redirect the client's request to another resource. 

This can be either to a different webpage or a different website altogether.

--------------------------------------------------

400-499 - Client Errors

Used to inform the client that there was an error with their request. 

--------------------------------------------------

500-599 - Server Errors

This is reserved for errors happening on the server-side and usually indicate quite a major problem with the server handling the request.

-----------------------------------------------------------------------------------------------------------------------------

Since there are a lot of different http status codes. 

Without including the fact that applications can even define their own status codes. 

These are the most common HTTP responses codes that the majority of the end users came across it.

* 200 - OK : The request was completed successfully.

* 201 - Created: A resources has been created.

* 301 - Permanent Redirect: This redirects the client's browser to a new webpage or tells the search engines that the page has moved somewhere ele and to look there instead.

* 302 - Temporary Redirect: Similar to permanent redirect, but as the name suggests, this is only a temporary change and it may change again in the near future. 

* 400 - Bad Request: This tells the browser that something was either wrong or missing in their request. 

This could sometimes be used if the web server resource that is being requested expected a certain parameter that the client didn't send. 

* 401 - Not Authorised: You are not currently allowed to view this resource until you have authorised with the web application, most commonly with a username and password 

* 403 - Forbidden: You do not have permission to view this resource whether you are logged in or not.

* 404 - Page Not Found: The page/resource you requested does not exist.

* 405 - Method Not Allowed: The resource does not allow this method request. 

For example: you send a GET request to the resource /create-account when it was expecting a POST request instead.

500 - Internal Service Error: The server has encountered some kind of error with your request that it does not know how to handle properly. 

503 - Service unavailable : This server cannot handle your request as it is either overloaded or down for maintenance.
-------------------------------------------------------
For more details on this topics, you can check the references below! 

-----------------------------------------------------------------------------------------------------------------------------
Thank you for reading! 🙂

Roger

Comments

Post a Comment

Popular posts from this blog

Common Network Commands: Ping

-
Ping Command Overview The `ping` command is a fundamental utility used in network diagnostics. It checks the reachability of a host on an Internet Protocol (IP) network and measures the round-trip time for messages sent from the originating host to a destination computer. The command uses the Internet Control Message Protocol (ICMP) to send echo request packets and listens for echo replies. Origin and Development The `ping` command was developed in 1983 by Mike Muuss as a diagnostic tool for the ARPANET. Since then, it has become a standard utility available on most operating systems, including Linux, Windows, and macOS, making it an essential tool for network administrators and users. Basic Functionality The `ping` command serves several functions: - Tests connectivity to a specified host. - Measures the time taken for packets to travel to the destination and back. - Provides statistics about packet loss and round-trip time. Key Command Syntax 1. Basic Syntax:    ```    ping [options]
Read more

Common Network Commands: Route

-
Route Command Overview The route command is a part of the older net-tools package used in Linux systems for viewing and manipulating the IP routing table. It provides information about how packets are routed through the network and allows for the addition, deletion, and modification of routes. Origin and Development Historically, the route command has been a primary tool for managing network routing in Linux. However, it has largely been replaced by the ip command from the iproute2 package, which offers more advanced features and capabilities. Despite this, route is still commonly used in many Linux distributions for its simplicity and familiarity. Basic Functionality The route command serves several functions: - Displays the current routing table entries. - Shows destination networks, gateways, and associated interfaces. - Allows for the addition, deletion, and modification of routes. Key Command Syntax 1. Display Routing Table:    ```    route -n    ```    The -n option prevents DNS
Read more

John The Ripper

-
John the Ripper  Is one of the most well known, well-loved and versatile hash cracking tools out there. It combines a fast cracking speed, with an extraordinary range of compatible hash types. This room will assume no previous knowledge, so we must first cover some basic terms and concepts before we move into practical hash cracking. A hash is a way of taking a piece of data of any length and  representing it in another form that is a fixed length. This masks the original value of the data. This is done by running the original data through a hashing algorithm. There are many popular hashing algorithms, such as MD4,MD5, SHA1 and NTLM. Lets try and show this with an example: If we take "polo", a string of 4 characters- and run it through an MD5 hashing algorithm, we end up with an output of: b53759f3ce692de7aff1b5779d3964da a standard 32 character MD5 hash. Likewise, if we take "polomints", a string of 9 characters- and run it through the same MD5 hashing algorithm, w
Read more