Website Development

Websites Development By Prismintelligentsolutions.Com.Au Level 7, 91 Phillip Street, Parramatta NSW 2150 1300 4 PRISM (1300 477 476)

Level 7, 91 Phillip Street,
Parramatta NSW 2150
1300 4 PRISM (1300 477 476)

you go ahead on the internet on yourlaptop or desktop you pull up your
favorite browser you type in and hit enter
What happens? Let's tell this story andwe can be as high level or low level
as we want, and I'll steer us in bothdirections. So you've hit enter.
What happens?
Anything you got?
Oh. Good. So that's the whole story. That's very good. Let's tease it apart a little bit now andI'll repeat some of the answers
sometimes into the microphone so thatour folks who are taking the course
from afar can hear everything
so your computer makes a request through your modem goes to your
ISP, reaches serversand they've replied
with the response, so good.
now let's dive in deeper there, and let's focus onthe act of hitting enter
Does someone want to propose, just give me one step
in more technical detail what happensnext and then we'll get to that same
endpoint eventually
Perfect. So we first need to translatethe name of the site in this case the
into an IP address and, someone else,what is an IP address?
Good, so an IP address identifiesa server or computer on the internet
and an IP address is simply a number ofthis form. Let me go ahead and pull up a
little scratch pad for notes here
so an IP address as you've probablyseen as something in the form of w.x.y.z
and little internet trivia:
each of these placeholders can be adigit from what to what?
...or number from what to what?
Perfect. 0-255, and there'ssome restrictions on what numbers can
be where, but essentially you have numberdot number dot number dot number. And each
of those numbers can be again 0-255.
If we've really wanna start pressingdeeper here, how many bits is used to
represent an entire IP address underthis schema,
for those familiar with bits.
32. So why is that? Well, forthough less familiar/unfamiliar, if you
want to represent the number 0 - 255which is a total
of 256 numbers
you need 8 bits because 2^8=256,But we won't go into
too much detail on along those lines
but if you've seen that IP addressesare just 32 bits
it is because each of these numbersis 8 bits itself so actually let's
go here. There will be much math in thiscourse after at the following sentence
but if you have 32 bits:how many possible IP addresses are there
for the world's computers?
so it's to 2^32 which is roughly..those who are good with math in their heads..?
So it's roughly 4 billion. So that's a lot.But these days most of you have
laptops. Most of you have desktops
Most of you have telephones in your pocketsor Ipads or
the like. So there's more to placesthese days that are consuming
IP adresses
so if you follow the popular media
of late you'll find that people havebeen freaking out that were about to run
out of IP addresses but that'sbecause we've been using version 4
for far too long.
Thankfully version 6 (u.v.w.x.y.z) has begunto get rolled out
and version 6 (u.v.w.x.y.z) will have128 bit IP address
..which is great, because that's2^128
which is huge! Barely pronounceable.
But it will also become alittle more complex to break these
things down so we can squeeze a few moreyears of discussion out of these
addresses but realize the world is
now just for the sake of the experiencefor those at home let me actually pause here
just so we can plug in this recordingdevice so we can capture to another
format so let's leave that is thatcliffhanger for just a minute or twoand I'll be right back.
Where did we leave off?You've just hit enter.We had proposed that your computer
had translated or needed to translatethe hostname
into an IP address and then we talkedfor a moment about various forms
of IP addresses
so let's now push a little harder on howthis translation happens
so Google has a numeric address of thisform (w.x.y.z)
and as an aside Google actually probablyhas a whole bunch of IP addresses
of that form. All of which lead to
the same experience but perhapsdifferent servers
so how does your little Mac or PC orLinux computer know
what the IP address of is?
OK, good. So, it has to do a domain namelook up using a DNS server.
For those unfamiliar, DNS is domain namesystem
and this is an infrastructure on theinternet that pretty much does exactly
that. It converts domain names andhost names
to IP addresses
and vice versa and will see tonight thatit does a few other things in terms of
helping with the routing of email
with validation of ownership ofdomains and the like
so there are these servers out there nowyour computer or your home probably
doesn't have its own DNS server
but probably Harvard does if you're oncampus or Comcast does or Verizon
or your company does.
Now if you're at a small college forinstance and you're not visiting
but your visiting some random website.comIt's very possible that you were
the first person on a campus to visitthat website ever
or at least in a long time
so what if your small little campus'sDNS server has no idea what
this IP addresses is?
Are you sort of out of luck because youwent to that school, and not one where
there's more people using that websites
or equivalently, it's kind of the chicken and the egg problem (which came first?) if you're the first person to
ever need to visit that website andtherefore your campus's DNS server
has no idea what that mapping is
how do you solve this problem?
Exactly. So there's a hierarchy,thankfully to the DNS system whereby
even though you might have your ownDNS server on campus or company
but that doesn't necessarily store allpossible domain names and IP addresses in
the world. In fact, that would be quite alarge database otherwise and it's just
not efficient to keep all of them aroundif they're not being accessed at all
or very frequently
but your ISP
knows some bigger fish and maybe thatbigger fish knows an even bigger fish that
has its own DNS servers that mightknow, but in the worst case
if no one along this hierarchy knows,there also exists in the world what are
called root servers
which are spread out geographicallyacross the several continents
and it's those root servers thatessentially know
who does know, what the IP addresses ofsome random
in other words those root servers know
who the authority is for instance forall of the .com's in the world, for all
of the .net's or the like
so that you can have this initialrequest from little old your computer
bubble up to these very high-levelservers and then bubble back down to
some authority
who does actually know
and the reason why that works
is because when you go and buy your owndomain name which is a
process will discuss in just a bit
you have to tell the world what the IPaddress is of
you DNS server, so someone has tobe informed proactively once really
and only once when you buy the domain sofor now let's come back to our story
We've hit enter was in my browsers window.My computer has somehow figured out that
it is or something like that
so now my computer puts together amessage to send it across the internet
to does that message look like?
Well in it's simplest form - it's a messagethat pretty much looks like this. It is
literally the word GET in all capsa space a forward slash ( / ) if you're just
the root of the web server markedtypically with /
and then HTTP /
version number
Now in reality, there is a few more headers,so to speak, HTTP headers that get
from browser to server, and we'll seethose in action in just a bit,
but this message captures
really the most important aspect of therequest
so your little computer creates avirtual envelope more technically called
a packet of some sort inside of thatpacket
is a message like this
Put on the front of that virtualenvelope is a "To" address namely
or whatever Google's IP addresses is.
In the return field of this virtualenvelope you know just like you were
mailing something to a human there's thereturn address who which should be who's
IP address probably?
Your own IP addressing, and yourcomputer does know that if you have an
internet connection
and then your computer sends it out on theinternet. Now we can dive deeper and
deeper and deeper but for now assumethat your ISP
has what's called the default-gateway
also known as a router
and routers are the computers on theinternet that know how to get data from
point "A" to point "B", or if they don't
know precisely how to go for "A" to "B"
they know whom to pass it off to
who can then get it one step closer topoint "B"
so in reality a packet, this virtualenvelope,
might go from router to router to routerto router sometimes as many as thirty
different routers across the globe
until finally it gets to its actualdestination
Google receives this virtual envelope,
sees that it's for its IP address,opens the envelope up, sees this message server happens to berunning a web server and so that
webserver looks for the file called "/"
now "/" is typically a synonym for anactual file name like index.html
or index.php or any number of other
default standard file names
so Google grabs that file from its harddrives and then puts it it's an own
virtual envelope
flips the two IP addresses the from andthe sender
sends it back to the internet via theserouters
it arrives on my computer. My computer,unbeknownst to me, opens this envelope
sees a whole bunch of a language calledHTML
renders that HTML top to bottom and Isee
the search page for Google's main site
What is the function of the slash?
so whenever you type in a URL
There are several differentcomponents to it. HTTP typically
followed by :// followedby something like this (
and so this is let's say arepresentative URL, but we can
actually to tease this apart into a fewcomponents.
This is the protocol or schema at thebeginning,
even though in a browser we almostalways used HTTP://
Have folks seen others?
HTTPS, similar, but different, inthat it uses cryptography - a topic we'll come back to.
WEBCOW://Some of these are more standardized than
but the schema is typically an indicatorto some piece of software
how it should view the contents atthat address
so what comes after the ://It typically has something called
a hostname
or sub domain name
followed by the domain name, which inthis case is
or followed more precisely by a domainname witha TLD - top-level domain
a .com .edu .gov .uk
would be the TLD and then you havewhat we call a path
and a path specifies exactly what fileor folder you wanna access
A single slash means get me the root ofmy hard drive
and if you come from the windows worldthis is essentially equivalent to C:\
Or on a mac it's equivalent tothat, or on a Linux computer it's
equivalent to that.
So that is truly the root of your harddrive,
the folder in which everything else onyour hard drive lives
now it turns out in a browser thesedays you don't have the type
most of that. you can omit the HTTP://You can typically omit the www.You can
omit the slash, and things just work
Why is that? both for the most part it'sbecause browsers have just gotten a lot
more user friendly
right there what was the time a fewyears ago where advertisements
in print and on TV would actually haveHTTP://
but then the world kind of realized thatyou know anytime you see www.
probably a website so we startedomitting HTTP://
Now the world has gotten acclimated toany mention of .com or .gov so
we don't even really need the wwwanymore and so whether or not www
works or doesn't work
is actually completely configurable bythe system administrators of the website
and in fact
i don't have a
sort of a soapbox to hop on right nowbut invariably during a semester, I'll
come across some website
for which or whatever thedomain is .com
just doesn't work you have to type
and that's just a foolish technicaldesign decision on their part. We'll talk
today about how you can configure thingsto just work, and it involves a bit of
a bit of web server configuration
but typically you don't see that dead end
because browsers these days if you typein and hit enter and
there is no IP address out there
the browser will presumptuously or helpfully
prepned "www." to the start of theaddress
and then retry that one
some browsers if you just type foowill automatically try,,
some of the most popular ones so inshort
a lot of the technical processes thatare happening are being sort of hidden
now by browser user friendliness
for better or for worse
So, the story began with hitting enterthe story ended with you're seeing the
home page of Google.
Any questions on the various steps inbetween,
whether high level or lower level?
Allright, so that's the story told from theperspective of a user.
Why don't we tell the story from theperspective now of someone who owns a
website or wants to operate a website sosuppose one of your goals in this class
or some other
is to actually have your own presence onthe web
to actually buy your own domainname and have your own business or
personal home page or whatever the casemay be.
How do you go about doing that? You needmore than just a laptop and a browser now
you need a server
on the internet because even thoughevery computer on the internet,
your laptop included
has an IP address
it's not necessarily publicly accessiblebecause even that statement's a bit of an
You do not necessarily have apublic IP address. In fact if you go
and you have internet access at home,especially wireless
you probably have a home router like anApple Airport Extreme, or you have a Linksys
router or some device with antennasthat gives you wireless internet
access but Comcast or Verizon or whoeveryou're paying each month to give you
internet access into the house via yourcable modem or DSL modem
which in turn is probably connected tothat router
if it's not one in the same device whichsome of the ISPs provide these
all-in-one devices these days
Odds are you have one IP address and if youhave 3 brothers and sisters
or parents or grandkids in the house
all of you are sharing
that one IP address
and yet the individual computers in thehome still need an IP address.
so what actually is the case is thatwhen you're in a home network you have
what's called generally a privateIP address something of a form..
Anyone know what up popular internal IPaddresses is?
Exactly. Anything, in fact, starting with192.168.x.y
is a private IP address, so the folkswho invented the internet
along the way decided "You know what? Weshould probably have some IP addresses
that should never be given out."
So that within the company or home or alittle test network
you can have IP addresses that areguaranteed not to exist on the public
so what home routers typically use iss192.168.0 or 192.168.1
and then the last digit, it can be againbetween 0-255, but some
exceptions. It really it can't be 0 or 255,
so there are some constraints, but it gives you
roughly 250 or so possible IP addresses
If you don't like that, there's:172.16.x.y
There's a few more constraintson this one, but then if you really need
a lot of internal IP addresses
you can have what's called a "class a"private network
10.x.y.z is a private addressand this actually gives you millions of
IP addresses for your home or yourbusiness
or your data center, but in short
any IP addresses beginning with thesefew other prefixes are considered
but the problem then is that even ifafter this class you know HTML and CSS
all the better. You know PHP, and SQL, and Javascript
and you creates a website and you'verun it on your laptop using software
we'll introduce you to.A web server called Apache
no one in the world
is going to be able to visit yourwebsite because
your address probably starts with one ofthese prefixes
and your home router or cablemodem or DSL modems is not going to
let outside random people into your homenetwork
to access this IP address
frankly there's tens of thousands ofpeople who probably have that exact
same private IP address, so it's justuniquely identifiable
and because your home router
and your cable modem is sometimes afirewall into itself this traffic not
gonna get into your home
so in short that won't work..
but you have at least two options, twoalternatives, how can you get your website
out on the internet?
You can. Port forwarding. So let's gothere. For those unfamiliar when you use
a protocol like HTTP:// you're actuallyusing other protocols behind the
scenes and in fact you probably at leastheard the
the buzzword TCP/IP transmissioncontrol protocol internet protocol
It's actually two protocols, two differentstandards or languages so to speak
that govern how data can be transmitted
on the internet and this is a bit of anoversimplification but for today's
purposes assume
that IP, the internet protocol,
is just a set of conventions thathumans came up with years ago
that govern how you associate numericaddresses with computers
so IP address derives from thisprotocol so IP is just the standard for
assigning computers addresses however justsigning someone an address
doesn't mean you can get data to thataddress for that you need another
standard another protocol
and that's typically TCP transmissioncontrol protocol
is the standard
that web browsers and web servers speak
in order to actually physically move dataor electronically move data
from point "A" to point "B"
using the higher level notion of anIP address to actually uniquely
identify points "A" and point "B"
so for those
who might want to go further in computerscience and in networking in particular
there's typically what's called theTCP/IP stack
and so there's topics like there's thetransport layer down here there's the
others the IP or addressing layer here
there's the application layer in shortmuch of the internet is the result of
smart people having design things andthen design things on top of things on
top of things
and so we just typically over simplifyand say TCP/IP.
So what's the point there?
TCP/IP allows not just the web towork but all sorts of applications
There's the web. There's email.
There's instant messaging.
There's things like Spotify. There's dedicated
applications they're using the internet
but aren't necessarily inside of abrowser
a server can actually do multiple things.It can receive email like Gmail can.
It can be a website and get HTTP:// traffic
so a server because it can do multiplething somehow needs to be able to
uniquely identify
the various things that it can do
and so the world introduced this notionof port numbers
and typically for a web server
Rather, for HTTP:// it uses thisprotocol TCP and the world decided some
years ago
the number 80 will arbitrarilybut consistently identified this service
so if you have a server and you have awebsite, and a website uses, as you
probably know, HTTP:// but will look atwhat that means in a bit
it is running so to speak on port 80it is listening so to speak on port 80
and the motivation for that
is because you might also have
an email server on the same physicalbox , right? Gmail, kind of an
oversimplification, but they are both awebsite and an email service, and if you
want to be able to send email to Gmailyou can also used TCP but you have to
use port 25
in other words if you've go to
a with a browser you obviously want toweb page back
so even though you, the human,haven't typed 80, it's automatically
inserted for you by your browser, behindthe scenes
but if you send an email from Eudoraor apple mail or Outlook or whatever
you're using
you again probably don't have to care aboutthis detail but that program
is going to send data still to
but specifically to port 25.
So, when a computer's on the internet, aserver, and it's listening for traffic all
of that traffic comes in on a specificport
a specific like pathway into the server
so that it knows if it's a webpage or an email, right? Because especially email; emails can
contain HTML now
so you need some way of distinguishingthe two fundamentally
so when you propose port forwarding, whatdoes this mean?
Well, if your home network
has a public IP address, and you usually, again, get 1 from your ISP
and that is some address of the formw.x.y.z
and your individual laptop on whichyou've created your final project that
you wanna make publicly available
is that one of these IP addresses,doesn't really matter what it is,
what you can do is configure your homerouter AKA firewall AKA cable
modem, it depends on what make and modelyou have,
but that device,
you can configure it to say
any internet traffic that comes from theinternet to my home
on my public IP address
destined for port 80
should be "port forwarded"
to IP address 192.168.x.y
port 80
in other words you can tell this machineto take incoming data on that port
and then route it very specifically to thiscomputer, your's,
so that it just works.
Now, there is one gotcha here.
Especially if you have siblings, for instance orother technically minded family members
or roommates
if you're doing port forwarding in thisway
only one of you can operate a webserver
behind your cable modem because you onlyhave one IP address to uniquely
identify your website and if you'vealready claimed 80 as your own and
that's the default for the worldbrowsers to use pretty much only your
webserver can be accessed
now there is a work around here if yourroommates really ticked off at you, you can
say "Fine, fine, fine, I will give you port 81."
but what does that mean? That means theentire world has to type out a URL like
let's say your address was indeed w.x.y.z
this would be your IP address
your URL
your roommates, unfortunately, would be thiscrazy looking thing (http://w.x.y.z:81/),
right, or any number really.
Now, there are some restrictions on thenumbers. Probably can't use 81,
but the point is the same.
This is not standard, and you probably don't want your users having to remember such an
esoteric detail as an arbitrary number.
However if on the internet
you visit any website with :80,
odds are you will get to the websitewith which you're familiar it's just the
browser is again for user convenienceinserting the port number
automatically for you.
and little trivia for HTTPS, the secure version of HTTP, what port number does that use?
443, and you sometimes do seethat in the URL and you also see some other
ports commonly like :8080
:8080 is just kind of arbitrarypopular port that some companies used to
run certain services but in short usinganything non-standard these days
especially for commercial production websites where you're trying to make money
or trying to stay online up one hundredpercent of the time
using non standard ports is bad, because thereare certain companies, there are certain
campuses that will pretty much block anyports besides 80 and 443,
but thankfully there's a work around,even if you wanna run some random server
like a bit torrent server, or something likethat
all you have to do is change the portnumber to be 80 or 443
so the reality is that with firewalling and willhave this conversation toward the end the
semester, when we talk about securitymore generally,
in a lot of security mechanisms are kindof a joke because all you need is a
modicum of savy or you know,
having listened to the past30 seconds of words that I just said
you can circumvent these kinds of
restrictions. Hotels do this a lot,Starbucks does this a lot
the port numbers are really just this verybasic
mechanism, and the world and adopted somestandards, alright,
so, perfect! We have a solution. All youhave to do is somehow figure out
how to download the manual for yourLinksys router or Apple Airport
and you can configure all this portforwarding stuff and run a website
from your own,
so not quite. Because if you actuallyhave a popular website, Verizon and Comcast
might very well notice and just shut you off entirely,
because that huge disclosure agreementyou probably clicked through and never read when
you signed up for internet serviceprobably said you may not run
a website on your home computer
so plus that this was a pain in theneck to do anyway, plus I might
unplug my laptop sometimes and so mywebsites gonna go down anytime i go to
go out
so not the best solution even if youhave a desktop so let's at least try to
push a little harder and assume that weneed to outsource this problem, or we
at least need to put your computer
on the internet itself, in a data center,on the campus, where it can stay plugged in
perpetually, under your desk at work ifthe system admins allows it,
and moreover i don't want my website to live atw.x.y.z,
or any number for that matter,
I want it to live it orsome URL
that is sort of distinctly my brand ormy name,
so that begs the question how do you goabout
getting your own
domain name?
Has anyone done this before? Yeah, how do you do it?
Okay, where do you purchase them?
Okay, so is a verypopular place, fairly inexpensive
Go Daddy is another very popular place
This one (Go Daddy) is kind of riddledwith
up-sell attempts, trying to get you to buyeverything in the kitchen sink,
but you don't need to do that. There's all there's all sorts of
domain name registrars out there thesedays. A bunch of years ago
network solutions was the only one,
but then the market was created and sothere's a lot of places to buy domain
For the most part, it doesn't matterwhere you buy your domain name from, but
you do sometimes get different features
in particular you get DNS featuressometimes, more control over your DNS
They might throw in free email accounts,free hosting,
but for the most part, it doesn't matter a hugeamount in particular, you don't need to go
to someone like network solutions andpay thirty dollars a year, when you could
go to someone like Go Daddy and pay$9.99 a year or namecheap and
pay $4.99 a year
so in short paying more for domain name
isn't necessarily giving you anythingmore
uh... in the way of
uh... functionality. It depends on what maybe the add-ons are.
So, how do we go about doing this? Well,let's go to something like Go Daddy.
Go Daddy's kind of a...Well, let's actually try namecheap.
Let's go to namecheap, see what theylook like,
much of my friends have indeed used thiswebsite.
right so let's see domain name to searchand the search for
probably take. Oh,l that is a goodprice. Already doing better than Go Daddy
All right. So as I expected it is takenas are almost all forms of david.
*Ha* They've suggested I name myself "DavidJohn", "David Smith", "David Johnson", "King
David", "David"
So one of the hardest things, frankly, ofstarting a business these days is
finding an available domain name, let aloneyour own personal vanity domain names
for people's names
but if we found something we like.. MaybeI do want DavidTV... Well, that's atrocious.
$6,000 for this domain but it's not yet taken.
It's probably one of the cheaper onesup above so let's assume we found something
we're happy with
so we add it to our cart and we check out
I now own some domain name,David
So what now do I do with it?
How do I associate it with my web server?
and for that matter, how do I get a web server?Let's assume I have a web server, and we'll
cross that bridge in a moment,
but I have a domain name.
What do I need to do with it to startusing it? Well I need to tell the world what
my IP address is.
So I need to, somehow, tell the world thatmy server.. I don't know who's going to be
hosting it, but i know it will have aIP address, by nature of how the web works.
so let's assume I know the IP address isgoing to be
I somehow have to inform the whole world
that's IP address isw.x.y.z.
So one of the things I'll have to do or Go Daddy or
is I tell the registrar
not what my own computers IP addresswill be
but rather what the IP address
of my domain names
DNS server's will be
and the convention is typically thatevery domain name in the world should have
2 DNS servers: primary and secondary
so a main one and a backup one.
They can be one in the same, but theworld really pushes people having at
least two for the sake of up time andredundancy
so I need to know not my own IPaddress, per se,
but I need to know the IP address of oneand then a second DNS server
Now I don't have my own DNS serversand I want to configure two more
computers in addition to my webserver
so this is where web hosting companiescome in.
So in addition to buying the domain nameI also wanna host my website somewhere
and it could very well be the same exactcompany. Could be Go Daddy, it could be
Name Cheap
depending on the service that theyprovide, but
we need to have
a web hosting
option. So what's the web host going to giveus? A web host is going to give us
hard drive to put my files on, you know,maybe not hard drive, per se, but some
illusion of storage space
they are going to have their ownconnections to the internet
this web hosting company
there hopefully gonna have a pool ofIP addresses so that I can have at least
one of them.
They're also going to have someRAM. they're also going to have technical
support staff. In short, they're gonnahave a server, and all of the things
necessary to keep a server alive on theinternet,
and hopefully they're also going to haveat least 2 of what..?
DNS servers.
So if I decide to host my website, let'ssay This is a very
popular sort of "El Cheapo" (basic)
kind of web hosting company
that I've used myself in thepast like $6.95 or $8.95 a month.
So that's pretty good butagain you get what you pay for.
I wouldn't necessarily build a big business on it
So for $8.95 a month
I have the ability to upload my HTML andCSS files and soon PHP and Javascript
files to their server.
Their server has nearby 2 DNSservers, each of which, have their own
IP addresses. So once I know whatDream Host's IP addresses are for its
nameservers, I'd tell Name Cheap
or Go Daddy, or wherever I bought my domainname
and that's it
the only time I have to talk to myregistrar again, most likely, is in a
year when they charge me another $5.99 or $99 for my
domain name. Unfortunately, "buying,"
you're really renting your domain namefrom these registrars.
Now there's a whole bunch more involvedin setting up of the web server
and getting my files there
but at least now I've told the world
that if you want to know where is
Ask these people. These two IPaddresses of the name server. Either one
and those IP, those DNS serversshould hopefully know. Why?
Because so long as I keep payingdreamhost or someone else $8.95
per month
they will ensure that both of thoseDNS servers
know what my own website's IP address is,and how will they know?
Because of what I'm paying for is somestorage space and some internet
connectivity on one of their servers, oneof their servers has an IP address
so they just tell their DNS serversthat's IP address,
is whatever the IP addresses is of theserver
they've told me to put my content on.
and will actually look in little moredetail
what's involved in that.
..but any questions?
so in answer to the somewhat
frequent problem where a websitedoes work at but not at
How do you fix something like that?There's usually two pieces to the
1. You have to make sure that there's aDNS record for
that is, there's an IP address associatedwith it. In addition to one being
associated with
and you need to configure the webserverto accept requests for either
but really let's focus on just thisDNS piece for now.
so DNS... turns out the DNS isrelatively straightforward and once you
start operating a whole bunch ofservices on your own website. Maybe you
have an email server,
maybe you want to use hostedservices like Google calendar
Google docs. You can do things like
actually for CS75, for this course,
the TFs (teaching fellows) and I
use Gmail essentially to host's email
so that's the website as I'll soon reveal
if you haven't pulled up the website,
and we want to be able to have an emaillist so that each of us can email
everyone else very easily. So we want email addresses of the form
Now how do we do this? Well, we couldset up a mail server, we could pay
someone to do this, but an amazing serviceout there is Google apps, some of you
might be familiar and for small fishlike us where we only have a few people
on staff
you can actually have hosted Gmail,hosted Google calendar, hosted
Google documents
for I think 20 or fewer people for free
and what you do is you configure yourown DNS servers
to map
something like
to essentially so thatwhenever we send an email to
something of the form, it figures out
via DNS to actually go to Google.We could have
and you hit enter,
you actually end up at Google Calendar,but our copy of
Google calendar, and this is all thanksto DNS and there's only a few
settings with which need to be familiarand we already talked about this one
an NS record
a record in a DNS server
that tells the world what the IPaddress is for that domain.
So, what's inside a DNS server?
Frankly it's a database, and you canthink of it as like a database with
excel files so spreadsheets that justhave rows and columns
and those columns essentially represents..In each row, rather, you would
have for instance a domain name and an IP address.Domain name : IP address.Domain name : IP address.
That's really allthat's underneath the hood in a DNS
server at least so far as we're concerned.
But there are different types of rows.So one of those rows can be an official
that says the name server, NS, for thisdomain is whatever IP address Dreamhost gave me.
For instance
Now, what else can I have?
Well there's an "A" record. So an "A"record, a row of type "A" in that this
spreadsheet of sorts
is literally
Domain name : IP addressit's as simple as that, so if I had
In it's like the address should bexd w dot x dot y dot c
that's what's called in a record
and i can also have mail docs aresomething dot com or calendar dot
something dot com
and i can associate with an i_q_ dress
and how do i do this they totallydepends on your registrar or on your
d_m_s_ provider whether extreme postergo daddy like
but these days it's usually a webinterface back in the day
it was a command line you added a textfile on the server but these days it's
been made to be more user-friendly butit's essentially
a spreadsheet
thirst to his slightly fancier features
a c name
or canonical name
isn't alias so it turns out with a lotof these webservices like school blacks
where google's providing the service
you don't necessarily want to have toknow what google's i_p_ addresses
writers one deep right on the only onewho works there and so you can't really
ask them out frankly could run a commandin figured out
but if you hard code into your work in aserver
the i_p_o_ dress of google dot comimplication is that if they ever need to
change their i_q_ address which happensnot everyday pretty however few months
few years for whatever technical reasons
now your website goes down
it's common kinda be better
at least like a conceptually if
calendar dot something dot com
didn't resolve to google's likey addressbut rather what if pounder dot google
dot com could instead resolve moregenerically too
calendar dot google dot com
so don't have your domain map to a nikeaddress
had your domain name map to someoneelse's domain
and then let baird cnf server tell theworld
what the ac current i_q_ addresses of
calendar dot google dot com
so in other words if you want this layerof obstruction where you don't care what
the i_p_o_ dresses you just care thatyour domain india synonym for someone
else's domain name
then you use a c name record and whatthe two columns look like our domain
name domain
instead of the main aim aki address
so it's a wonderful useful feature
especially these days if you look intohosted solutions not just like to
but companies that have services like
uh... you know i customerservice forums
if you go to a website know often havean address like support dot dell dot com
or the like
well there's a lot of companies daysthat to provide
our customer service web sites
at but it would look kind of lame if igo to del dot com and i get redirected
to customerservice dot com
del would provide read rather re brandsomeone else's service
to look like dell even though someoneelse implemented and is hosting it so
why us by a c name someone like dellcould say support dot dell dot com
should actually result tocustomerservice dot com but the user
should never know that because the oralstage support dot dell dot com so that's
just one of the things you can do
with these things called seanangs
and lastly in annex record as a maleexchange record
and mail change record simply states
what is the i_p_o_ dress
of the server or servers that shouldhandle inbound mail
for this domain
and this is great
because when you use your door overgmail or outlook
and you type in the year uh... davidmail-in at harvard dot e_d_u_
and hit enter
similarly there you have no idea whatharvard's i_q_ dresses
but your computer does but it's not thei_q_ dress of harvard that you do you
per se that your email client needs
it's the acted as a partridge mailserver
so thanks today that's your mac or pc
can ask your icici is deanna server orgdot doc dot this whole hierarchy we
discussed earlier
in state what is the annex record forharvard idea
and harvard dot e_d_u_ still means nameservers should be able to say send all
mail to the psyche address
and what's nice about annex records asyou can have multiple wants with
so websites orf rather
uh... domains that had very old largenumbers of users were you really don't
want their mail servers going down
you could have two or three or tendifferent mail servers
and the d_n_a_ system all say try thisone than this one than this one than
this one
just in case any of those go offline
it's all thanks to d_n_ s and whileresearch take all this for granted
once you start developing your ownwebsites maybe creating your own
companies or confirming back your ownschool having these abilities is
wonderfully powerful and it really boilsdown to
any questions
all right so that was kind of a lot wantto take out three or so minute break
characters restrooms in the hallwaythere soda machines i think around the
whole corner
on the move rejoin in about three mins
alright we are back so
why don't we take a look at the courseitself and what you are in four and with
the courses expectations are so in termsof prerequisites the official
prerequisites are these so much moreyears of programming experience as well
as comfort
with html c_s_i_s_
so what does this mean in real terms sosummer school is very short since about
six weeks and of course has three nalunch for billy sized projects
and the gold really is to make sure thatat the end of this short semester
you feel quite comfortable going off anddoing much more on your own in the way
of website development not just htmlonce yes s
informed static websites but reallydynamic websites that are driven by
a language like p_h_p_ and javascriptback in the database like mysql
so it's a fairly intense course uh...
if you believe takin
something like computer science asks oneof the introductory computer science
we're just one or two courses i will sayfrom past experience
you'll probably find the core
challenging to say the least andtypically willy estimate about thirty
hours per project so there's threeprojects universally nine days for each
of them
on that's about thirty hours each butthat was beyond average so students for
whom programming is a little lessfamiliar or it's been a bunch of your
since you program to read only taken oneor two introductory courses but don't
really think of yourself as a programmer
on the course is definitely morechallenging so do beware uh... diving in
i will say if you're on that fence andnot sure if your comfort level in
background is there
but you can go to c_s_ seventy-five dottv which is the opencourseware site for
the course
where we have several previous semestersworth of lecture videos handouts of
projects some of which will be aresimilar to this summer's
so by looking for the past you canperhaps in for as to what this summer
will be like and get a sense then
if the p_b_s_ of pastors projectscompletely overwhelm you
or completely excites you
so i would try to use that as anadditional input tonight
uh... before deciding whether this isthe course for you
um... in terms of expectations
and there are these three projects inattending or watching if distant or
unable to make it all in-person thelectures
on the lectures will be structured asfollows two tonight our focus is on
h_t_t_p_ and for the mechanics theunderlying fundamentals of the internet
that for years you prolly taken forgranted
but once you really start building yourown website and having to negotiate
things like configurations of serversand coding databases tonight will start
looking at some of those more technicaldetails
on wednesday and han next week will lookat p_h_p_
itself so one of p_h_d_'s on mostcompelling features these days is one
it's in tactically very familiar arevery similar to mine which is with which
many of the folks in this room in athome or familiar syntactic lee it's
similar to ciency plus plus
on and other a procedural languages
on this very much in vogue very popularit's pretty only present these days in
terms of the web hosting companies thatthey're out there and its super easy get
setup even mac o_s_ comes with p_h_p_ anapache the webserver pre-installed
and their packages for windows in thenixon other computers that make it super
simple to get setup on in terms ofrelated languages rop iphone in ruby
you're probably the to close thiscontenders in terms of popularity with
and none of these is necessarily betterthan the others who could very quickly
devolve into a religious debate
but one of the nice things about p_h_p_is again the omnipresence of support for
a doubt there
and also i think pedagogical e thedocumentation for p_h_p_ is outstanding
and as you'll see
the p_h_p_ dotnet online referencemanual for functions and whatnot is rich
with examples intelligent discussionsand so we've just found
that it's a very nice way of diving indeeper to web programming in front of
course like this you should be able tocontinue on
if you haven't come from that directionare ready to the likes of pipeline
of ruby andrea speed for the job ofworld they espy's for the windows world
there's a lot of commonalities amongthem
will transition lecture three
to looking in exile alyssa when it comestime to actually store data whether
statically or dynamically
you don't need a full-fledged databaseyou don't need my sick we don't need
oracle you don't need anything alongthose lines you could just use text
but he'd be nice if it's easy to readand write those text file select some
is a very popular language of sorts ofmetal language with which to right now
textual files and to representative moregenerally of the topic will come back to
when our javascript lectures
on the document object models so they'llbe some commonalities there
uh... as sql are structured querylanguage is what's used by a many
relational databases these days amongthem my sequel
oracle postgresql theirs
also in vogue these days or are nosequel servers document uh... storage
engines which will look at later in thesemester as well
but will primarily used for the coursesprojects my sequel
will look at lecture six and seveneighths javascript and at this chat more
general technique of ajax the ability toyou
whose javascript
to query a server even after pagesloaded
to get back more data for instancegoogle maps does this to get more
reptile squares of mapping informationwhen you click and drag
a face book does this to push of liveupdates from your news feed in the light
i will look toward the end of thesemester then
at some higher level concepts like
security which wool interlacedthroughout the semester but will really
focus on it
in lecture eight looking at commonattacks on web servers on websites on
so as to not necessarily acquaint youwith everything they can go wrong
but to at least plant the seeds in yourmind of things you should be thinking
about indeed there's so much code outthere
that is just one ruble because thepeople don't think do things like
sanitize user input that is they don'tcheck it for dangerous characters
so we'll talk about things like sequelinjection attacks will talk about
uh... prostate scripting attacks in anynumber of other ways
that are so darn easy to avoid
yet many people just
don't realize it or don't know howinferno typically
simple little function calls conflicts
and in the last lecture will look atscale build so would be of great problem
to have if you've got so much traffic
that all of the lessons you learn fromlecture zero two eight
uh... starts at your website searchcrumbling under the load and so will
conclude the semester by looking at
okay now you have to build now for a fewdozen people two hundred people your
but several thousand or maybe evenseveral thousand people per second how
you actually scale
from one little webserver to a biggerone
but then once you have the biggest andmost expensive available webserver what
do you do
we start to scale as they say poor isawfully so you get multiple servers
maybe even cheaper slower web servers
but you somehow figure out how tobalance lowdown so to speak traffic
across them
how do you do that we databases how doyou do that geographically
uh... how do you do that with cloudcomputing a buzzword that's all the rage
these days but has a very interestingtechnologies inter-lining
will wrap up this master looking atthose bigger picture
in addition to second lectures
we will have most weeks on sections inoffice hours for the course has
uh... for teaching fellows folks whohave either taught or take in the course
who'll be with us in the form ofsections and office are sections will be
a more slightly more intimateopportunities so on wednesdays in
monday's typically right after lectureif you'd like to stick around to dive a
little deeper into that weeks project
so in addition to the pbf specificationyou'll get of a project
one of its yes will walk you through theweek uh... the week's project to give
point now
offer some design tips awesome helpfuldirection answer any confusion
why did something quite poorly inlecture we can revisit those kinds of
luck topics in sections that you getanother perspective altogether
and then office hours which is meant tosimply follow
section so one section officially wrapsafter an hour
uh... office hours will be anopportunity for one-on-one human a with
one or two fifty s
uh... and this will be an opportunity inparticular
for questions with the projects ifyou're having trouble understanding
something trouble chasing down some bugin addition to reaching out to us on
line with a bs in person opportunitiesfor those of you who are local for those
of you were dissent
more on the online opportunities in justa moment
in addition to
um... the courses classes there areprojects three of them and they will
roughly in the order of the topics onthe syllabus portal start in terms of
p_h_p_ which would be new to song ormost people in the room
then will introduce mid semesterdatabases in my sequel being will
introduce javascript and ajax
and so that all sense would be thetripartite approach
of the courses projects in terms of thetopics
um... in terms of grades on projects aregraded fairly holistic lead because
you'll be encouraged to make a lot ofdesign decisions on your own
you won't necessarily have to implementper slice lee
what we tell you to rather you'll haveto meet certain feature and technical
so will to evaluate the three projectson these axes cisco will be in axis that
and it'll be a numeric sport thatcaptures how much of the project you
actually attempted
uh... correctness will capture how muchof your code works in accordance with us
if it's very body that would not beconsidered very correct
design is more subjective design is painmight work might work perfectly
but does it look like a mass underneaththe hood you had like ten nested four
that's that is not good designed forinstance
and so designed to be an opportunity forpf particularly qualitative feedback
from the teaching fellows on your code
and style
is the more of the aesthetics or yourvariables reasonably named are is your
code well commented is it nicelyindented
the sordid easy things that are goodhabits to getting to meet if you're not
yet enough
that's what we define a style
and then just for reference things areweighted in roughly the order the amount
of time that's required to get thingsright
so for instance this is the formidableused a computer total score for each of
the project
were correctness for instance isweighted more heavily
then style and uh... batch of capturethe fact that
inventing a code polish and take you allthat long but she seemed on bob's
concert retake
quite a bit of time
so the format was meant to capture
um... the courses website which helpopen just a moment has everything that
you will need for the course includingvideos of lectures if you can't make it
some evening work it's tricky because afull time work
totally fine to watch the courseslectures online all the handout
similarly will be available there
what will be rolling out over email thisweek is access to a tool that actually
uh... we've used in another class ofmine concious fifty but it's a
discussion tool that will allow you tointeract with classmates with myself
with the courses t_s_ online
sab online discussion forms of sorts butusing some of the same technologies that
will talk about
in the class including a jackson similar
on so you will soon receive emails fromus with invitations of sorts to create
accounts within the uh... website
so that we can you can start directingquestions to classmates poor privately
to the staff
biopsy is fifty discuss
so any questions on the structureexpectations of
but here in the right place
must of course itself
in terms of
attendance is uh... expected andencourage bucks not factored
so see it in a sense of protracted
then in terms of lecture typically wereese were slated for three fifteen to
six fifteen i think will rarely go lolthree hours typically the same course
during the year on these two hours ofclassical typically have a little bit of
wiggle room and let me not commit tojust two hours per night
on but we will typically not go i thinkas many as three hours for the frankly a
lot to take and com twice a week no less
uh... so uh...
where we end up its act
any other questions
olin over there are two sections
the implication of that detail
is that sections will not startnecessarily eta preordained time what
will try to do is the test will come abit early
so if we do end up wrapping up a lecturewe'll take a short break the band i've
been right outright immediately tosection
an office hours so that you don't sithere awkwardly just waiting for an
arbitrary time to come around
for the distance students sections willbe filmed as well and we will be making
ample use of online interactions forstudents who are primarily distance on
and we've also experiment in the pastwith things like skype in video
conferencing or
online chats com were quite flexible forwhatever works uh... pedagogical for
good question and typically not fordistance jeans with sections we do film
them but there is some leniency in whenwe post them we may experiment with
trying to straighten some things onlinebut this room is not equipped for that
so i shouldn't makeup promises to thatjust yet
but either way things will be availablein synchronously after the fact
the office hours will typically be rightafter sections on mondays and wednesdays
which are right after lectures
uh... the motivation being especiallyfor folks who commutes
we figured we try to compact things frommondays and wednesdays you'll have to
come to campus yet again
and we're flexible too if for instance
you're really struggling in the classyou have lots of questions or
your schedule you have a nighttime classright after work
'em were happy to do things byappointment as well
soldier will will meet you half way asbest we can
somewhat hosting companies we talkedearlier about d_n_a_ aspin sort of
getting traffic to some destination b
but once they get their what's waitingfor the use or where are your rates tim
allen's yes essence in p_h_p_ filesactually store
so this is a little screenshot from thisone company dreamhost and i don't
necessarily recommend them over anyothers
but they're popular among our own andsuper cheap and just to give you a sense
of what you get
and what you don't really get
here's a screenshot of what you get forparity for eight ninety five per month
so you'd have to get unlimited terabites
of disc storage space
uh... you get unlimited tera bites ofmonthly bandwidth you get an unlimited
number of domains hosted and you get anunlimited number of user counts email
account bicycle databases
and at the turn of the distribution ofthe next fall back
took ourselves to good to be true
so what is the capture
but that's an amazing deal for eightninety five
unlimited everything
so what are some of the taxes are whatare they doing here technologically to
make this possible
exactly so a lot of these web hostingcompanies are shared services whereby
you might get this
but they're also promising the exactsame thing to ten other people to one
hundred other people
now turns out that its g_d_p_ theprotocol we discussed earlier
there is a future for these days forwhat's called virtual hosting
so back in the day for the web everywebsite needed unique i_p_ address
essentially so that when you type insomething dot com
you went to one web sites and thatwebsite madonna server that server had a
nike address and if you want to thesecond website
you better get a second server or thesegive that computer a second i_p_ address
however in more recent versions ofh_t_t_p_
will see through some experimentationwith actual browsers
browsers send and other issue to behatter they don't just send gets
they also send a reminder to the webserver as to what the user typed into
the u r l
so that you can now have these daysmultiple websites foo dot com bardot
combats dot com all living on the samephysical server
at the exact same like he address
and because the browser's remind theserver what the user typed in
from dot com or bar dot com or about dotcom
the server
even though it's receiving traffic forthree different websites
can figure out from those so-calledheaders what was requested
and then return the appropriate
so in this case
that's great 'cause it makes thispossible we only have four billion i_p_
addresses in the world in the arelegitimately running out and so this is
great that we can multiplex servers inthis way and put multiple people
multiple websites on the same mikeyaddress
but there's a couple dot that's what'sthe implication of yes
the fact that multiple customers on thesame machine
goods of the mission crashes now all ofyou are affected rather than just the
contention for resources right so you'rekind of in bad luck a bad place it for
instance when the other customers on thewebsite server is face book dot com or
something then take xiv unexpectedpopularity on all of a sudden
or maybe it's a web site that's really
text someone off
and is getting some kind ofinternet-based attacked like a denial of
service attack
because people going after that websiteand just because your server your web
site on the same server
now you are down or otherwise offline aswell
moreover at one of the res one of theways in which these
uh... companies offer such discountedprices this 'cause it's not just you and
to other websites as prime not ten
it could be a hundred could be athousand other customers on the same
and so there must be some fine printhopefully there's some fine print
that does say this is subject tosomething right they don't have infinite
tera bites on their web service infinitebandwidth there's gotta be some catch
otherwise the world monopoly thousandsof dollars a month to host a real
large-scale websites
so you again sort of get what you payfor
and this is actually expense of yearsago i signed up for some fly-by-night
operation for like two ninety five byyear
um... to host my website and it was awebsite that i did not care much for and
that was good because it went down quitea bit um... so what they're not
guaranteeing here's unlimited uptime
for instance so there some
some doctors
but frankly if you're just startingsmall you just one experiment you need
place for testing website or
you don't you're eight ninety five ismore compelling than several hundreds of
dollars or even more
um... this is certainly fightscompelling
but as an aside things like emailingcalendar and what not there's another
alternatives you don't need to get thosethirty-year west coast when places like
google exist
but suppose you are
not so comfortable with that approachand you suppose to
that you're not comfortable also withthe fact that
we used to not have any control over adreamhost like server
because it's being shared by otherpeople in it because it's being managed
by other people
which is to say if they are runningp_h_p_ five point two which is a few
years old
so rio like you're running p_h_d_ fivepoint even if you want to take the
advantage of new language features theywere introduced in p_h_p_ five three
and more recently p_h_p_ five four
you're outta luck like you're gonna haveto other funny web poster just deal with
it you can't just install it yourselftypically
so similar they can you not upgradedifferent versions of software you can
assist early reconfigured the webserverat will
now they might give you some form ofcontrol but you'll reach a point perhaps
we're just too frustrating not to haveadministrative access to the server
so you can still achieve that so virtualprivate servers d_p_s_ is or an
alternative to shared web hosting model
and the d_p_s_ world
you get a dedicated server to yourself
you get the allusion of the dedicatedserver to yourself so thanks to a
technology generically known asvirtualization
these days you can park by our serverwith like a bunch of six user a bunch of
course lots of ram lost of disk space
and then you can run virtualizationsoftware on it uh... something known
janet generally is a hyper by sir
like vmware or parallels or virtualboxthere's a whole bunch of these products
free in commercial like out there
that once you run them
and install them on the server
on top of that software you can theninstall multiple instances of windows
multiple instances of lyrics multipleinstances if they allowed it of mac o_s_
so you can create the illusion ofmultiple distinct computers
each of which has its own usernames andpasswords its own administrative or
so-called route account
and even though they're sharing thephysical hardware
they are not sharing the same software
so what you would get as the customer isthe root login or the administrator
login to your machine
now there's still the risk of resourcecontention
because these players to go to the quickover provision freshly if your pet
in nineteen ninety five a month and nota hundred and fifty-nine ninety four
ninety five months
you're prolly gonna be on the serverwith fewer resources or with more
but at least here you gain something
and if you've been following along
what is it fundamental you're gaining
from a d_p_s_ that you didn't get from aweb host
control you can to keep things up todate you can install whatever you want
and also
it's all morning altar serverscompromised
all it's our your words
might not p
whereas if the web hosting server iscompromised everything on that server
is potentially for durable
so still not perfect because the realityis too
even though you are the only one nowwith through ordnance traded access
because it's a dedicated albeit virtualserver for you
that she was kind of a white lie whoelse has access
the people there
even if they don't know your passwordthey have physical access the machines
easier physical access to any machine inthe world pretty much
you can't compromise that you can doanalytics computer for instance can be
glued in what's called single user mode
by pretty much any letter x when itsbooting up
and that sort of bands any request forpassword at which point you can even
change it
um... even on p_c_s in computers you canusually reset certain passwords by
opening the case up
putting a little metal connector ontopins in a short circuits out the
password and clears it out
so in short physical access bat forsecurity so you're not gaining more
security off fundamentally
you're just making it less likely thatsomeone else's compromise will affect
and in some of these systems somesoftware
that system administrators we'll havethe password or at least access to the
root account on your server
so in short we should just assumed thatthis is for you
but probably at least one other personcould physically access
your conscience
so what do you get uh... for the money
well here and frankly these numbers area little more compelling 'cause it's not
on limited so what you're kind ofinclined to believe a bit more about the
quality of service for getting here
but twenty gigabytes of storage nothat's fine for typical website unless
your website
has a ridiculous amount of traffic indatabase traffic and logs which could
build up and start taking mags arebigger bites of space
uh... or if you're allow users to uploadfiles are photos then you might need a
lot of space
but many websites even if they aredynamic this is probably planning
transfers an interesting one twenty twohundred gigabytes per month
for most websites that's probably fineand less your website is a photo website
or worse a video website
then you have to start to do the mathand figure out exactly how much traffic
data will be coming in and out of yourserver
based on users patterns and moreoverthere's also corner cases this will
discuss toward the end of semester yougotta worry about the bad guys out there
if someone just unlike you words boardor download some free piece of software
that bangsar bangs the heck out of yourcomputer
they could just you've got your monthlyallotment of bandwidth
just by sending bogus traffic ordownloading the same video again and
again and again
so there's very interesting adversarialtax
when you have
finances somehow tied to usage so youneed to be where that especially with
cloud computing
uh... and let's see you get some amountof ran five hundred twelve megabytes
and so forth one of the things will lookat the ring the semesters we start
playing with apache
is all give you a sense of uh... how youcan assess how much ran your computers
using image disk space it's using
i dare say when the most commonplatforms for web hosting these days
whether it's a vp s
or it's is a
uh... sir by post
izla nixon some form whether it's debbiein or for the world war ubuntu war red
hatter sent offer any number of versionsof the next
will happen to use the door of the classbut it's representative of many a
operating systems
you can use mac o_s_ but it's not reallyuse commercially to host websites just
'cause that's not really xoxo
geared toward that
you can use windows on but you reallythere's no good reason
there's no
come technically compelling reason touse a windows machine to host things
like p_h_p_ your python ruby
'cause you're paying money for windowslicense to run free

Categories: Business

Tags: google, Internet, websites

About Website Development

View Website

Press Contact
Website Development