My Journey into Web Security: Starting with HTTP


Last Saturday, I decided to dive into web security, one of the fundamental pillars of cybersecurity. And where better to start than with HTTP?

What is HTTP?


HTTP (HyperText Transfer Protocol) is an application-layer protocol—essentially the layer between you and the server—used to access resources on the World Wide Web. The "hypertext" part refers to any text that contains a link to another resource.

Some key facts:
*   The default port for HTTP is 80.
*   The default port for HTTPS is 443.

In HTTP communication, the  client (the user) makes a request to the server for a specific resource. The server then processes this request and sends back a response with the requested data.

Understanding the URL


When I was a kid, I used to call it the "Universal Resource Locator" 😅. It's actually Uniform Resource Locator.

The "resource" in the name is exactly what the client is asking the server for.

The image below (taken from Hack The Box) breaks down the components of a URL perfectly.



As you can see, a URL contains:

1.  User/Client: Who is making the request.
2.  Host/Server: Who is receiving the request.
3.  Port: Where the website is listening (e.g., port 80).
4.  Path: The specific resource the client is requesting.
5.  Query String: Anything after the `?` symbol, used to pass parameters.
6.  Fragment: A reference to a specific part within the resource.

The HTTP Flow


I used to think this whole process would be super complicated 😳, but when I actually learned it, I ended up loving its simplicity 😍. So let’s walk through it.

Suppose you search for `cyberwithpriyanshumishra.blogspot.com` (yes, that's a bit of shameless self-promotion 😁). Even if the site uses HTTPS, the initial steps on the browser's side are largely the same.

Here's what happens:


1. First Stop: DNS Lookup
    The browser basically goes, “Alright, what is this person trying to reach?” It asks a DNS server for the IP address of the domain you typed. The DNS server replies with the corresponding address—let’s say it returns `8.8.8.8`. Now the browser knows where the website lives.

2.  Sending the Request
    Once it has the IP, the browser sends an HTTP request to the server. If you haven't specified a path (like `/about.html`), it defaults to the root (`/`).

3.  The Server Responds
    The server processes the request, figures out what you're asking for, and sends back a response with the webpage data.

And just like that—the basic HTTP flow is complete! A simple round trip between a client and a server.

A Fun Little Detail: The Hosts File


There's a crucial step that happens before the browser even touches DNS. Your operating system first checks a local file called the hosts file (on Linux and macOS, it's `/etc/hosts`).

Think of it as your machine's private cheat sheet. If the domain you typed is listed there with an IP address, your system will completely skip the external DNS lookup and send the request straight to that IP. No questions asked

Comments

Post a Comment

Popular posts from this blog

Obfuscation and Deobfuscation

I was on Hack The Box Academy, happily reading along when the first word of the module popped up: understanding . Good. Next word: code . Still good. Then the third word appeared: deobfuscation . And I just stared at it like, “How many alphabets did they use to make this word?” I tried pronouncing it five or six times. For a moment, I genuinely believed Shashi Tharoor writes simpler words 😂. Eventually, yes, I managed to say it without hurting my tongue. Anyway, let’s move to the topic. Obfuscation  As the name suggest , it is process of converting simple things ( notes , words , sentences ) into complex form 😂.  More precisely , it is the process of taking a simple , clear sentence and writing it in a complex cipher, using synonyms from a dead language, and adding alot of irrelevant words. The meaning remains preserved, but it is extremely hard to understand ( same as the name of topic obfuscation) .  Defuscation It is simply opposite of obfuscation. It is the proc...
Read more

OSINT Basics: Introduction, Scope, and Ethical Boundaries (Part 1)

Image
Disclaimer: All the tools and methods discussed in this blog are part of what I am learning in a safe and legal environment . This content is strictly for educational purposes only and is not intended to harm any individual or organization. Even though we all know that theoretical knowledge alone is not enough, most of my learning so far has been on the theory side. From now on, I’ll try to balance both theory and practical understanding — slowly and responsibly. That brings us to today’s topic: OSINT . What is OSINT? OSINT stands for Open Source Intelligence . As the name suggests, it is about gathering information from publicly available sources such as: the internet social media news articles public records OSINT has nothing to do with hacking . It focuses on collecting and analyzing information that is already exposed — often unintentionally. Why OSINT matters in cybersecurity OSINT helps us understand the human attack surface , which is often the weakest link in sec...
Read more

Cybersecurity Devices and Technologies Part 1

There is no single device or technology that can solve all the security needs of an organization on its own. A secure network is built by choosing the right tools for the right purpose. This blog covers some of the basic devices and technologies used in the field of network security. Security Appliances Security appliances can be physical devices like routers, or software tools running on those devices. They generally fall into six categories: Routers : Routers primarily connect different network segments, but they also offer basic traffic-filtering features. This helps decide which devices can connect and which networks they’re allowed to communicate with. Firewalls : Firewalls are the guardians of a network. They inspect traffic more deeply and can detect suspicious or harmful behaviour. Firewalls enforce security policies on every packet that passes through them. Intrusion Prevention System (IPS) : An IPS uses traffic signatures to detect and block malicious activities i...
Read more