Security is an important part of programming. In this video, take a look at how it fits into web development and what you need to learn about security and how that fits into web development.
- The technology that made the web possible is a combination of two protocols called TCP and IP. Before this technology took off, most communications between computers happened by computers that were directly connected to one another. It's sort of what happens when you get one of those older strands of Christmas lights. If just one of them in the sequence was broken, then none of them would work. Now, TCP IP allows computers to form different types of connections. This creates connections that look more like spiderwebs than straight lines. There's two ingenious things happening here. First, the messages aren't all sent as a single, huge file. They're broken down into little pieces called packets. Now, that's the TCP part. The advantage of the packets is that data can travel through the best available paths at any moment. This is like when you place a big order from Amazon, and the packages that make up the order might arrive at different times and be sent from different places. But how do the packages know where to go? That's what the IP part does. It's a series of numbers that describes the location of the packages. Now, think of them as the address of your house. Your ZIP code tells the post office the general location of where you are in the country, and then the street address gets more specific. Most of the time, when we're working on the web, we don't see these numbers. But instead use names like Google.com or LinkedIn.com. But those names get translated into numbers by a sort of address book system called the Domain Name Servers, or DNS. Now, these are simply machines that manage translating the names that you type into a browser, into IP addresses. Now those can be located by computers and hackers can sometimes target the DNS servers because it's a way to overwhelm access to more than one website. The Internet uses a notation called URIs or Uniform Resource Identifiers. And they're also known as URLs or Uniform Resource Locators. When you type in an address, like https://linkedin.com, you're identifying that you want to use the ACTPS protocol and that you want to locate the LinkedIn domain using the dot com extension. A DNS server will translate that into a number and send the request to a server that returns back a website. URIs can request information from different ports. Now, these are like T.V. or radio channels, so although you're enjoying a show on the same television, the information can be coming from different channels. Hackers can scan these ports to see what services a company is offering and attempt to upload files or exploit other vulnerabilities. Like the DNS server, there is a bunch of information that passes between client and servers. One of these pieces is something called HTTP Headers. Now, think of them as the tags that you get when you purchase clothing. It's something that you probably ignore, but it's there and can provide a lot of information to hackers. These headers can also have useful information when working with servers on the back end. Developers can often read and manage this information to make their sites more secure.
- Types of web developers
- Server technologies
- Getting web development training
- Choosing the right tools
- Getting a job
- Negotiating your salary