In our previous post we looked at how an Internet connection works, the content the user wanted to view was stored on a web server. If you are building or running your own website it helps if you understand the basic components of a typical web server. This is particularly important if you want to understand the security advice offered on many websites about securing your own website.
What is the composition of a typical web server?
According to the latest Web Server Survey from netcraft.com, there are 111.7 million Apache servers deployed as active web hosts, representing 54% of the server market. Other providers include Microsoft (IIS) – 26%, Google – 7.4% and nginx – 5.4%. This posting examines the Apache server in its well known LAMP configuration.
LAMP is the acronym used to describe the common open source server architecture which comprises:
- Linux – the server’s operating system
- Apache – the web server component
- MySQL – a relational database
- PHP – the application layer (may also refer to Perl, Python or Ruby).
The diagram below illustrates the principal components in the architecture of a typical LAMP web server.
What are the functions of the principal components?
The Linux operating system provides the platform for secure and reliable operation of the web server. Access to the file system is governed by file permissions and enforced by the operating system. The operating system also provides interfaces to the networks and enforces process and user security.
Increasingly users expect to be provided wuth dynamic content, which may be influenced by time, current events, the user’s location or personalisation. With these more complex websites, static HTML pages are largely replaced by applications. One of the most popular scripting languages is PHP and there are a wide range of applications available including content management systems (CMS) like Joomla!, forums, bulletin boards, shopping carts, etc.
For a dynamic site, the Apache web server is configured to recognise when a script needs to be run, this may be through a combination of file extensions and default settings. For example, if a website’s home page is requested and the server has PHP installed, Apache will seek an index.php file in the root directory if there is no index.html file in the website root directory. It is this mechanism which is used to initialise applications like Joomla! The PHP scripts will be used to store and retrieve information and to render the HTML page layouts for transmission back to the user’s browser by the Apache web server.
Typically a PHP website will also use a MySQL database to store content and configuration information. It is possibel to build sites where the contents are storeed in flat text files, but the use of relational databses like MySQL gives greater flexibility. The interaction between the Apache webserver and the MySQL database is handled by PHP.
There may be a number of other components and applications hosted on the server. These may include compiled applications for delivery of specialist media or graphic content, or for rendering images and animations. A common application on Linux servers is email and this may be provided with a web mail interface via Apache and/or direct connections using POP ans SMTP protocols.