Misplaced Pages

#86913

70-449: The server component provides a function or service to one or many clients, which initiate requests for such services. Servers are classified by the services they provide. For example, a web server serves web pages and a file server serves computer files . A shared resource may be any of the server computer's software and electronic components, from programs and data to processors and storage devices . The sharing of resources of

140-401: A computer network . Typically, a client is a computer application , such as a web browser , that runs on a user 's local computer , smartphone , or other device, and connects to a server as necessary. Operations may be performed client-side because they require access to information or functionality that is available on the client but not on the server, because the user needs to observe

210-417: A computer security context, server-side vulnerabilities or attacks refer to those that occur on a server computer system, rather than on the client side, or in between the two . For example, an attacker might exploit an SQL injection vulnerability in a web application in order to maliciously change or gain unauthorized access to data in the server's database . Alternatively, an attacker might break into

280-422: A web browser or web crawler , initiates communication by making a request for a web page or other resource using HTTP, and the server responds with the content of that resource or an error message . A web server can also accept and store resources sent from the user agent if configured to do so. The hardware used to run a web server can vary according to the volume of requests that it needs to handle. At

350-499: A client-server or client-queue-client network, peers communicate with each other directly. In peer-to-peer networking, an algorithm in the peer-to-peer communications protocol balances load , and even peers with modest resources can help to share the load. If a node becomes unavailable, its shared resources remain available as long as other peers offer it. Ideally, a peer does not need to achieve high availability because other, redundant peers make up for any resource downtime ; as

420-440: A client-side attack would normally be an attacker's only opportunity to gain access to the decrypted contents. For instance, the attacker might cause malware to be installed on the client system, allowing the attacker to view the user's screen, record the user's keystrokes, and steal copies of the user's encryption keys, etc. Alternatively, an attacker might employ cross-site scripting vulnerabilities to execute malicious code on

490-464: A computer processes a request and returns data. This is the request-response messaging pattern. When all the requests are met, the sequence is complete and the web browser presents the data to the customer. This example illustrates a design pattern applicable to the client–server model: separation of concerns . Server-side refers to programs and operations that run on the server . This is in contrast to client-side programs and operations which run on

560-476: A data set (a server-side operation) and sends it back to the client. The client then analyzes the data (a client-side operation), and, when the analysis is complete, displays it to the user (as with Google Earth) and/or transmits the results of calculations back to the server (as with SETI@home). In the context of the World Wide Web , commonly encountered computer languages which are evaluated or run on

630-1064: A long time and so Apache suffered, even more, the competition of commercial servers and, above all, of other open-source servers which meanwhile had already achieved far superior performances (mostly when serving static content) since the beginning of their development and at the time of the Apache decline were able to offer also a long enough list of well tested advanced features. In fact, a few years after 2000 started, not only other commercial and highly competitive web servers, e.g. LiteSpeed , but also many other open-source programs, often of excellent quality and very high performances, among which should be noted Hiawatha , Cherokee HTTP server , Lighttpd , Nginx and other derived/related products also available with commercial support, emerged. Around 2007–2008, most popular web browsers increased their previous default limit of 2 persistent connections per host-domain (a limit recommended by RFC-2616) to 4, 6 or 8 persistent connections per host-domain, in order to speed up

700-417: A number of client programs (e.g. most modern web browsers can request and receive data using both HTTP and FTP). In the case of more specialized applications, programmers may write their own server, client, and communications protocol which can only be used with one another. Programs that run on a user's local computer without ever sending or receiving data over a network are not considered clients, and so

770-514: A physical file system path, to an absolute path under the target website's root directory. Website's root directory may be specified by a configuration file or by some internal rule of the web server by using the name of the website which is the host part of the URL found in HTTP client request. Path translation to file system is done for the following types of web resources: The web server appends

SECTION 10

#1732801619087

840-502: A problem that occurs over and over again in our environment, and then describes the core of the solution to that problem, in such a way that you can use this solution a million times over, without ever doing it the same way twice. Documenting a pattern requires explaining why a particular situation causes problems, and how the components of the pattern relate to each other to give the solution. Christopher Alexander describes common design problems as arising from "conflicting forces"—such as

910-404: A server constitutes a service . Whether a computer is a client, a server, or both, is determined by the nature of the application that requires the service functions. For example, a single computer can run a web server and file server software at the same time to serve different data to clients making different kinds of requests. The client software can also communicate with server software within

980-403: A server farm. Each load balancer sits between client devices and backend servers, receiving and then distributing incoming requests to any available server capable of fulfilling them. In a peer-to-peer network, two or more computers ( peers ) pool their resources and communicate in a decentralized system . Peers are coequal, or equipotent nodes in a non-hierarchical network. Unlike clients in

1050-503: A server system using vulnerabilities in the underlying operating system and then be able to access database and other files in the same manner as authorized administrators of the server. In the case of distributed computing projects such as SETI@home and the Great Internet Mersenne Prime Search , while the bulk of the operations occur on the client side, the servers are responsible for coordinating

1120-463: A service. By restricting communication to a specific content format , it facilitates parsing . By abstracting access, it facilitates cross-platform data exchange. A server may receive requests from many distinct clients in a short period. A computer can only perform a limited number of tasks at any moment, and relies on a scheduling system to prioritize incoming requests from clients to accommodate them. To prevent abuse and maximize availability ,

1190-480: A solution to a design problem. The idea was introduced by the architect Christopher Alexander and has been adapted for various other disciplines, particularly software engineering . An organized collection of design patterns that relate to a particular field is called a pattern language . This language gives a common terminology for discussing the situations designers are faced with. The elements of this language are entities called patterns. Each pattern describes

1260-428: A strong impetus to the adoption of reverse proxies in front of slower web servers and it gave also one more chance to the emerging new web servers that could show all their speed and their capability to handle very high numbers of concurrent connections without requiring too many hardware resources (expensive computers with lots of CPUs, RAM and fast disks). In 2015, RFCs published new protocol version [HTTP/2], and as

1330-451: A web server and some of the tasks that it may perform in order to have a sufficiently wide scenario about the topic. A web server program plays the role of a server in a client–server model by implementing one or more versions of HTTP protocol, often including the HTTPS secure variant and other features and extensions that are considered useful for its planned usage. The complexity and

1400-427: A web server implements one or more of the above-mentioned advanced features then the path part of a valid URL may not always match an existing file system path under website directory tree (a file or a directory in file system ) because it can refer to a virtual name of an internal or external module processor for dynamic requests. Web server programs are able to translate an URL path (all or part of it), that refers to

1470-414: Is any computer connected to a network. Whereas the words server and client may refer either to a computer or to a computer program, server-host and client-host always refer to computers. The host is a versatile, multifunction computer; clients and servers are just programs that run on a host. In the client–server model, a server is more likely to be devoted to the task of serving. An early use of

SECTION 20

#1732801619087

1540-546: Is applicable. Since two houses may be very different from one another, a design pattern for houses must be broad enough to apply to both of them, but not so vague that it doesn't help the designer make decisions. The range of situations in which a pattern can be used is called its context. Some examples might be "all houses", "all two-story houses", or "all places where people spend time". For instance, in Christopher Alexander's work, bus stops and waiting rooms in

1610-481: Is referring to, so that that resource can be returned to the requesting client. This process is performed with every request that is made to a web server, with some of the requests being served with a file, such as an HTML document, or a gif image, others with the results of running a CGI program, and others by some other process, such as a built-in module handler, a PHP document, or a Java servlet." In practice, web server programs that implement advanced features, beyond

1680-601: The CGI to communicate with external programs. These capabilities, along with the multimedia features of NCSA's Mosaic browser (also able to manage HTML FORMs in order to send data to a web server) highlighted the potential of web technology for publishing and distributed computing applications. In the second half of 1994, the development of NCSA httpd stalled to the point that a group of external software developers, webmasters and other professional figures interested in that server, started to write and collect patches thanks to

1750-405: The client . (See below) "Server-side software" refers to a computer application , such as a web server , that runs on remote server hardware , reachable from a user 's local computer , smartphone , or other device. Operations may be performed server-side because they require access to information or functionality that is not available on the client , or because performing such operations on

1820-532: The client side would be slow, unreliable, or insecure . Client and server programs may be commonly available ones such as free or commercial web servers and web browsers , communicating with each other using standardized protocols . Or, programmers may write their own server, client, and communications protocol which can only be used with one another. Server-side operations include both those that are carried out in response to client requests, and non-client-oriented operations such as maintenance tasks. In

1890-480: The public domain . This statement freed web server developers from any possible legal issue about the development of derivative work based on that source code (a threat that in practice never existed). At the beginning of 1994, the most notable among new web servers was NCSA httpd which ran on a variety of Unix -based OSs and could serve dynamically generated content by implementing the POST HTTP method and

1960-449: The 2000s, web applications matured enough to rival application software developed for a specific microarchitecture . This maturation, more affordable mass storage , and the advent of service-oriented architecture were among the factors that gave rise to the cloud computing trend of the 2010s. In addition to the client-server model, distributed computing applications often use the peer-to-peer (P2P) application architecture. In

2030-629: The NCSA httpd source code being available to the public domain. At the beginning of 1995 those patches were all applied to the last release of NCSA source code and, after several tests, the Apache HTTP server project was started. At the end of 1994, a new commercial web server, named Netsite , was released with specific features. It was the first one of many other similar products that were developed first by Netscape , then also by Sun Microsystems , and finally by Oracle Corporation . In mid-1995,

2100-441: The above-mentioned history articles. In March 1989, Sir Tim Berners-Lee proposed a new project to his employer CERN , with the goal of easing the exchange of information between scientists by using a hypertext system. The proposal titled "HyperText and CERN" , asked for comments and it was read by several people. In October 1990 the proposal was reformulated and enriched (having as co-author Robert Cailliau ), and finally, it

2170-399: The adoption and the usage of those programs along with their porting to other operating systems . In December 1991, the first web server outside Europe was installed at SLAC (U.S.A.). This was a very important event because it started trans-continental web communications between web browsers and web servers. In 1991–1993, CERN web server program continued to be actively developed by

Client–server model - Misplaced Pages Continue

2240-491: The application of web servers well beyond their original purpose of serving human-readable pages. This is a very brief history of web server programs , so some information necessarily overlaps with the histories of the web browsers , the World Wide Web and the Internet ; therefore, for the sake of clarity and understandability, some key historical information below reported may be similar to that found also in one or more of

2310-431: The availability and load capacity of peers change, the protocol reroutes requests. Both client-server and master-slave are regarded as sub-categories of distributed peer-to-peer systems. Web server A web server is computer software and underlying hardware that accepts requests via HTTP (the network protocol created to distribute web content ) or its secure variant HTTPS . A user agent, commonly

2380-537: The availability of new protocol , not only because they had the work force and the time to do so, but also because usually their previous implementation of SPDY protocol could be reused as a starting point and because most used web browsers implemented it very quickly for the same reason. Another reason that prompted those developers to act quickly was that webmasters felt the pressure of the ever increasing web traffic and they really wanted to install and to try – as soon as possible – something that could drastically lower

2450-419: The client and the server know what to expect. The language and rules of communication are defined in a communications protocol . All protocols operate in the application layer . The application layer protocol defines the basic patterns of the dialogue. To formalize the data exchange even further, the server may implement an application programming interface (API). The API is an abstraction layer for accessing

2520-472: The client initiates a request to the bank's web server. The customer's login credentials may be stored in a database , and the webserver accesses the database server as a client. An application server interprets the returned data by applying the bank's business logic and provides the output to the webserver. Finally, the webserver returns the result to the client web browser for display. In each step of this sequence of client–server message exchanges,

2590-542: The client side include: An early form of client–server architecture is remote job entry , dating at least to OS/360 (announced 1964), where the request was to run a job , and the response was the output. While formulating the client–server model in the 1960s and 1970s, computer scientists building ARPANET (at the Stanford Research Institute ) used the terms server-host (or serving host ) and user-host (or using-host ), and these appear in

2660-574: The client's system without needing to install any permanently resident malware. Distributed computing projects such as SETI@home and the Great Internet Mersenne Prime Search, as well as Internet-dependent applications like Google Earth , rely primarily on client-side operations. They initiate a connection with the server (either in response to a user query, as with Google Earth, or in an automated fashion, as with SETI@home), and request some data. The server selects

2730-410: The client, etc. In the context of the World Wide Web , commonly encountered server-side computer languages include: However, web applications and services can be implemented in almost any language, as long as they can return data to standards-based web browsers (possibly via intermediary programs) in formats which they can use. Client-side refers to operations that are performed by the client in

2800-481: The client-server model, the server is often designed to operate as a centralized system that serves many clients. The computing power, memory and storage requirements of a server must be scaled appropriately to the expected workload. Load-balancing and failover systems are often employed to scale the server beyond a single physical machine. Load balancing is defined as the methodical and efficient distribution of network or application traffic across multiple servers in

2870-402: The clients, sending them data to analyze, receiving and storing results, providing reporting functionality to project administrators, etc. In the case of an Internet-dependent user application like Google Earth , while querying and display of map data takes place on the client side, the server is responsible for permanent storage of map data, resolving user queries into map data to be returned to

Client–server model - Misplaced Pages Continue

2940-403: The conflict between wanting a room to be sunny and wanting it not to overheat on summer afternoons. A pattern would not tell the designer how many windows to put in the room; instead, it would propose a set of values to guide the designer toward a decision that is best for their particular application. Alexander, for example, suggests that enough windows should be included to direct light all around

3010-457: The early documents RFC 5 and RFC 4. This usage was continued at Xerox PARC in the mid-1970s. One context in which researchers used these terms was in the design of a computer network programming language called Decode-Encode Language (DEL). The purpose of this language was to accept commands from one computer (the user-host), which would return status reports to the user as it encoded the commands in network packets. Another DEL-capable computer,

3080-870: The efficiency of a web server program may vary a lot depending on (e.g.): Although web server programs differ in how they are implemented, most of them offer the following common features. These are basic features that most web servers usually have. A few other more advanced and popular features ( only a very short selection ) are the following ones. A web server program, when it is running, usually performs several general tasks , (e.g.): Web server programs are able: Once an HTTP request message has been decoded and verified, its values can be used to determine whether that request can be satisfied or not. This requires many other steps, including security checks . Web server programs usually perform some type of URL normalization ( URL found in most HTTP request messages) in order to: The term URL normalization refers to

3150-406: The first version of IIS was released, for Windows NT OS, by Microsoft . This marked the entry, in the field of World Wide Web technologies, of a very important commercial developer and vendor that has played and still is playing a key role on both sides (client and server) of the web. In the second half of 1995, CERN and NCSA web servers started to decline (in global percentage usage) because of

3220-483: The implementation of new specifications was not trivial at all, a dilemma arose among developers of less popular web servers (e.g. with a percentage of usage lower than 1% .. 2%), about adding or not adding support for that new protocol version. In fact supporting HTTP/2 often required radical changes to their internal implementation due to many factors (practically always required encrypted connections, capability to distinguish between HTTP/1.x and HTTP/2 connections on

3290-405: The low end of the range are embedded systems , such as a router that runs a small web server as its configuration interface. A high-traffic Internet website might handle requests with hundreds of servers that run on racks of high-speed computers. A resource sent from a web server can be a pre-existing file ( static content ) available to the web server, or it can be generated at the time of

3360-408: The maximum number of concurrent connections allowed and to improve their level of scalability. Between 1996 and 1999, Netscape Enterprise Server and Microsoft's IIS emerged among the leading commercial options whereas among the freely available and open-source programs Apache HTTP Server held the lead as the preferred server (because of its reliability and its many features). In those years there

3430-621: The network, and a computer terminal has no operating system at all; it is only an input/output interface to the server. In contrast, a rich client , such as a personal computer , has many resources and does not rely on a server for essential functions. As microcomputers decreased in price and increased in power from the 1980s to the late 1990s, many organizations transitioned computation from centralized servers, such as mainframes and minicomputers , to rich clients. This afforded greater, more individualized dominion over computer resources, but complicated information technology management . During

3500-500: The number of TCP/IP connections and speedup accesses to hosted websites. In 2020–2021 the HTTP/2 dynamics about its implementation (by top web servers and popular web browsers) were partly replicated after the publication of advanced drafts of future RFC about HTTP/3 protocol. The following technical overview should be considered only as an attempt to give a few very limited examples about some features that may be implemented in

3570-426: The operations of such programs would not be termed client-side operations. In a computer security context, client-side vulnerabilities or attacks refer to those that occur on the client / user's computer system, rather than on the server side , or in between the two . As an example, if a server contained an encrypted file or message which could only be decrypted using a key housed on the user's computer system,

SECTION 50

#1732801619087

3640-502: The operations or provide input, or because the server lacks the processing power to perform the operations in a timely manner for all of the clients it serves. Additionally, if operations can be performed by the client, without sending data over the network, they may take less time, use less bandwidth , and incur a lesser security risk. When the server serves data in a commonly used manner, for example according to standard protocols such as HTTP or FTP , users may have their choice of

3710-410: The path found in requested URL (HTTP request message) and appends it to the path of the (Host) website root directory. On an Apache server , this is commonly /home/www/website (on Unix machines, usually it is: /var/www/website ). See the following examples of how it may result. URL path translation for a static file request Design pattern A design pattern is the re-usable form of

3780-431: The process of modifying and standardizing a URL in a consistent manner. There are several types of normalization that may be performed, including the conversion of the scheme and host to lowercase. Among the most important normalizations are the removal of "." and ".." path segments and adding trailing slashes to a non-empty path component. "URL mapping is the process by which a URL is analyzed to figure out what resource it

3850-432: The relevant application protocol , i.e. the content and the formatting of the data for the requested service. Clients and servers exchange messages in a request–response messaging pattern . The client sends a request, and the server returns a response. This exchange of messages is an example of inter-process communication . To communicate, the computers must have a common language, and they must follow rules so that both

3920-424: The request ( dynamic content ) by another program that communicates with the server software. The former usually can be served faster and can be more easily cached for repeated requests, while the latter supports a broader range of applications. Technologies such as REST and SOAP , which use HTTP as a basis for general computer-to-computer communication, as well as support for WebDAV extensions, have extended

3990-429: The retrieval of heavy web pages with lots of images, and to mitigate the problem of the shortage of persistent connections dedicated to dynamic objects used for bi-directional notifications of events in web pages. Within a year, these changes, on average, nearly tripled the maximum number of persistent connections that web servers had to manage. This trend (of increasing the number of persistent connections) definitely gave

4060-413: The room. He considers this a good solution because he believes it increases the enjoyment of the room by its occupants. Other authors might come to different conclusions, if they place higher value on heating costs, or material costs. These values, used by the pattern's author to determine which solution is "best", must also be documented within the pattern. Pattern documentation should also explain when it

4130-416: The same TCP port, binary representation of HTTP messages, message priority, compression of HTTP headers, use of streams also known as TCP/IP sub-connections and related flow-control, etc.) and so a few developers of those web servers opted for not supporting new HTTP/2 version (at least in the near future) also because of these main reasons: Instead, developers of most popular web servers, rushed to offer

4200-405: The same computer. Communication between servers, such as to synchronize data, is sometimes called inter-server or server-to-server communication. Generally, a service is an abstraction of computer resources and a client does not have to be concerned with how the server performs while fulfilling the request and delivering the response. The client only has to understand the response based on

4270-406: The server software may limit the availability to clients. Denial of service attacks are designed to exploit a server's obligation to process requests by overloading it with excessive request rates. Encryption should be applied if sensitive information is to be communicated between the client and the server. When a bank customer accesses online banking services with a web browser (the client),

SECTION 60

#1732801619087

4340-539: The server-host, received the packets, decoded them, and returned formatted data to the user-host. A DEL program on the user-host received the results to present to the user. This is a client–server transaction. Development of DEL was just beginning in 1969, the year that the United States Department of Defense established ARPANET (predecessor of Internet ). Client-host and server-host have subtly different meanings than client and server . A host

4410-422: The shared resources of other hosts. Centralized computing , however, specifically allocates a large number of resources to a small number of computers. The more computation is offloaded from client-hosts to the central computers, the simpler the client-hosts can be. It relies heavily on network resources (servers and infrastructure) for computation and storage. A diskless node loads even its operating system from

4480-426: The simple static content serving (e.g. URL rewrite engine, dynamic content serving), usually have to figure out how that URL has to be handled, e.g. as a: One or more configuration files of web server may specify the mapping of parts of URL path (e.g. initial parts of file path , filename extension and other path components) to a specific URL handler (file, directory, external program or internal module). When

4550-720: The widespread adoption of new web servers which had a much faster development cycle along with more features, more fixes applied, and more performances than the previous ones. At the end of 1996, there were already over fifty known (different) web server software programs that were available to everybody who wanted to own an Internet domain name and/or to host websites. Many of them lived only shortly and were replaced by other web servers. The publication of RFCs about protocol versions HTTP/1.0 (1996) and HTTP/1.1 (1997, 1999), forced most web servers to comply (not always completely) with those standards. The use of TCP/IP persistent connections (HTTP/1.1) required web servers both to increase

4620-594: The word client occurs in "Separating Data from Function in a Distributed File System", a 1978 paper by Xerox PARC computer scientists Howard Sturgis, James Mitchell, and Jay Israel. The authors are careful to define the term for readers, and explain that they use it to distinguish between the user and the user's network node (the client). By 1992, the word server had entered into general parlance. The client-server model does not dictate that server-hosts must have more resources than client-hosts. Rather, it enables any general-purpose computer to extend its capabilities by using

4690-418: The www group, meanwhile, thanks to the availability of its source code and the public specifications of the HTTP protocol, many other implementations of web servers started to be developed. In April 1993, CERN issued a public official statement stating that the three components of Web software (the basic line-mode client, the web server and the library of common code), along with their source code , were put in

4760-817: Was also another commercial, highly innovative and thus notable web server called Zeus ( now discontinued ) that was known as one of the fastest and most scalable web servers available on market, at least till the first decade of 2000s, despite its low percentage of usage. Apache resulted in the most used web server from mid-1996 to the end of 2015 when, after a few years of decline, it was surpassed initially by IIS and then by Nginx. Afterward IIS dropped to much lower percentages of usage than Apache (see also market share ). From 2005–2006, Apache started to improve its speed and its scalability level by introducing new performance features (e.g. event MPM and new content cache). As those new performance improvements initially were marked as experimental, they were not enabled by its users for

4830-461: Was approved. Between late 1990 and early 1991 the project resulted in Berners-Lee and his developers writing and testing several software libraries along with three programs, which initially ran on NeXTSTEP OS installed on NeXT workstations: Those early browsers retrieved web pages written in a simple early form of HTML , from web server(s) using a new basic communication protocol that

4900-472: Was named HTTP 0.9 . In August 1991 Tim Berners-Lee announced the birth of WWW technology and encouraged scientists to adopt and develop it. Soon after, those programs, along with their source code , were made available to people interested in their usage. Although the source code was not formally licensed or placed in the public domain, CERN informally allowed users and developers to experiment and further develop on top of them. Berners-Lee started promoting

#86913