Fix Hacked Site

HTTP: What is it and how does it work?

HTTP (Hypertext Transfer Protocol) is the foundation of the Internet and is used to load websites using hyperlinks. HTTP is an application layer protocol designed to transfer information between connected devices and runs on top of other layers of the networking protocol stack. A typical flow over an HTTP connection involves a client machine sending a request to a server which then responds by sending a response message back to the client.

What’s in an HTTP request?

An HTTP request is a method by which an internet browser asks for the information needed to load a website.

Every HTTP request sent across the Internet carries a set of encoded data containing different types of information. A typical HTTP request usually includes:

  1. HTTP version type
  2. a URL
  3. an HTTP method
  4. HTTP request headers
  5. Optional HTTP body.

We’ll explore in greater detail how these requests work, how they can be used to share content, and how the content can be used to share specific information.

What’s an HTTP method?

An HTTP method (sometimes called an HTTP verb) indicates the action that the request expects from the server. For example, GET requests expect information back in return, whereas POST requests typically indicate that the client is submitting some kind of information to the web server.

What are HTTP request headers?

HTTP headers store text information in key-value pairs. They’re included in every HTTP request and response. Request headers communicate core information, such as what browser the client is using and what data is being requested.

Here’s an example of HTTP request headers from the network tab of Google Chrome’s developer tools:

HTTP request headers

What’s in an HTTP request body?

An HTTP request’s body is the part of the request that contains the information being transferred. It contains any information being submitted by the user to the web server, including a username and password or any other data entered into forms.
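
The request parts described above (method, URL, version, headers and optional body), pulled out of a raw HTTP/1.x message. This is an added example, not code from the original page; the class and function names, the sample request and its host are constructed for illustration, and it assumes a body framed by Content-Length (no chunked encoding).

```python
from dataclasses import dataclass, field

@dataclass
class HttpRequest:
    method: str
    url: str
    version: str
    headers: dict = field(default_factory=dict)
    body: bytes = b""

def parse_request(raw: bytes) -> HttpRequest:
    # Headers end at the first blank line; everything after it is the body.
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line terminating the headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    # Request line: METHOD SP URL SP VERSION
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError(f"malformed request line: {lines[0]!r}")
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # Reject lines without a colon and names with surrounding whitespace.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        key = name.lower()  # header names are case-insensitive
        if key == "content-length" and key in headers:
            raise ValueError("duplicate Content-Length header")
        headers[key] = value.strip()  # simplification: a repeated header overwrites
    # The body is optional; when present its size must match Content-Length.
    declared = headers.get("content-length", "0")
    if not (declared.isascii() and declared.isdigit()) or int(declared) != len(body):
        raise ValueError("Content-Length does not match body size")
    return HttpRequest(*parts, headers, body)

# Constructed sample input (not captured traffic): a form login sent with POST.
SAMPLE = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: www.example.com\r\n"
    b"User-Agent: ExampleBrowser/1.0\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 27\r\n"
    b"\r\n"
    b"username=alice&password=pw1"
)

if __name__ == "__main__":
    req = parse_request(SAMPLE)
    print(req.method, req.url, req.version, req.headers, req.body)
```

The sample shows why the body matters for security: form credentials travel in it as plain text unless the connection itself is encrypted.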

What’s in an HTTP response?

An HTTP response is a message that a web client receives from an Internet server in response to an HTTP request. These responses communicate useful information based on what was requested in the HTTP request.

A typical HTTP response contains:

  1. An HTTP status code
  2. HTTP response headers
  3. Optional HTTP body

Let’s break these down:

What’s an HTTP status code?

HTTP status codes are three-digit codes that are usually used to indicate whether an HTTP request has been successfully completed. There are five different status code blocks:

  1. 1xx Informational
  2. 2xx Success
  3. 3xx Redirection
  4. 4xx Client Error
  5. 5xx Server Error

The “xx” refers to different numbers between 00 and 99.

Status codes starting with the number ‘2’ indicate a success. For example, after a client requests a web page, the most commonly seen responses have a status code of ‘200 OK’, indicating that the request was properly completed.

If the status code begins with a 4 or 5, there was an error and the page won’t display. A status code beginning with 4 means the error originated on the client side; it is very common to encounter a 404 Not Found status code after making a mistake in a URL. A status code beginning with 5 indicates something went wrong on the web server side. Status codes can also start with 1 or 3, which indicate an informational message and a redirect, respectively.

What are HTTP response headers?

Much like an HTTP Request, an HTTP Response comes with headers that convey information such as the language of the data being sent and its format.

Here’s an example of HTTP response headers for a web page, as shown in the network tab of Google Chrome’s developer tools:

HTTP response headers

What’s in an HTTP response body?

A successful HTTP response to a GET request usually has a body containing the requested information. In most web requests, this is HTML data that a web browser will translate into a web page.

Can DDoS attacks be launched over HTTP?

Remember that HTTP is a stateless protocol, so each request is handled independently of any other request. In the original specification, every request created a new TCP connection. Newer versions of the protocol (HTTP 1.1 or above) support persistent connections, which allow multiple HTTP requests to be sent over a single TCP connection. This improves resource usage.

A DoS or DDoS attack over HTTP involves sending a large number of HTTP requests to a web server. These requests are usually sent from multiple IP addresses. Such attacks are considered application-layer attacks, or layer 7 attacks.