What is a Web Server?

A web server is software applications that delivers web page content, dynamic and static to web clients such as a browser or a mobile application over the HTTP protocols.

Web servers are critical pieces of internet infrastructure used by busienss and individuals to reach their audiences.

How Web Servers Work

Web servers work by receiving requests from clients, such as web browsers, and then responding back with a response containing requested content.

The content can be a text file, an image or a video. Any mime type configured on the web server can be sent back to the requesting cient.

What is a Mime Type?

A Multipurpose Internet Mail Extension (MIME) type indicates the nature and format of a document or a file.

Common mime types are:

  • text/plain: For text content
  • text/html: For HTML content
  • text/javascript: For JavaScript code
  • image/jpeg: For jpeg images

The image below shows how request and response interchange takes place between a web server and a web browser.

HTTP Client Server Communication with Web Server

Let’s look at how this communication works:

  1. Web browser sends a request for a web page (or other content), specifying the URL of the page, over HTTP protocol.
  2. The web server receives the request and then gets the data either directly from the file system, such as an image, or in case of dynamic content, requests a module, such as one for PHP, to process the request and upon success, send the data in an HTTP response back to the original client.

Client Server Model

As shown in the example above, a web server uses the traditional client server model to process all incoming requests. This model is a fundamental architecture used in the design of all web-based applications and services.

The client server model is a powerful architectural pattern that enables creation of a scalable, secure, and reliable services.

By separting the responsibilities of the client and server, the model allows flexibility to design clients providing a rich user experience while the server is optimized for serving client requests.

The client server model is also used internally by the web server to process requests for dynamic content by acting as a client to a module (like mod_php) forwarded these requests.

Now that we have a basic understanding of what a web server is and how it works, let’s look into more details.

HTTP and HTTPS Protocols

The Hypertext Transfer Protocol (HTTP) and Hypertext Transfer Protocol Secure (HTTPS) are two protocols used by web servers to communicate with clients, such as web browsers.

HTTP is a stateless protocol, meaning that each request from a client is considered a new request and does not depend on the contents of the previous requests.

The incoming HTTP request has the URL and information about the client requesting the resource.

The HTTP response includes headers added by the web sever and the body of the HTTP response includes the contents of the requested resource, which could be text, image or another file type.

HTTPS build on top of the HTTP protocols but uses encryption channel to communicate. The encryption channel alows the content of the request and response to be protected from unauthorized snooping.

The protection provided by HTTPS allows for safe exchange of data such as passwords, credit card or other financial information.

The HTTPS channel is encrypted using Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.

HTTP vs HTTPS Protocols
HTTP vs HTTPS Protocols

Key Features of a Modern Web Server

  • Handling of static files.
  • Using modules, provide support for dynamic content requests.
  • Provide the ability to extend functionality using pluggable or built-in modules.
  • Support HTTP protocols: Versions 1, 2 and 3.
  • Support authentication and authorization for resource access.
  • Support URL rewriting
  • Provide the ability to filter and access resources using IP geolocation.
  • Session management
  • Support for CGI interface.
  • Load balancing
  • Proxy configuration

Listed above are some key features and services provided by modern web servers. These are available either with the core code of the web server or added using modules.

Note: Modules are add-in code that a web server can use to provide additional featuers.

What are the Key components of a Web Server Infrastructure?

To provide HTTP(s) services for web clients, multiple software components and services work together to support a web server infrastructure processing incoming client requests.

Operating System

A modern web server should run on a secure opeating system that is actively supported. Most of the operating systems provide additional services to add web server hardening features such as file level ACLs and software firewall to limit access and add an additional layer of security.

Database Management System (DBMS) and Caching

A DBMS stores and manages data. Web servers may require DBMS support when advanced features such as session storage and caching are used.

Object cache, such as Redis are used to cache sessions and other content type in memory to reduce response times for client requests.

Domain Name System

The DNS servers maps domain to IP addresses. A web server uses a DNS for resolving mapping hostnames for accessing outside resources.

Firewall and Security Systems

A firewalls are a software or hardware based systems use to monitor and control network traffic. Firewalls are commonly used to filter or block network traffic based on a network port or an IP address.

Network firewalls are used to protect against unauthrozied access and for protecting against denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks.

Both Linux and Windows come with built in firewall protection. There are other vendors providing firewall solutions such as F5 networks with their Big IP product line.

Load Balancers and Reverse Proxy (optional)

Load balancers and reverse proxy systems are optional pieces of software that provide redundancy and scalability to a web server infrastructure.

Load balancers work by managing multiple web servers and sending requests to them using various strategies such as round robin or Least Recently Used (LRU) algorithms.

Reverse proxies are used to cache the content of web responses to reduce network response times and by eliminating the processing of request by application by sending back response data from the cache.

Summary

Understanding the above listed components is essential to design and maintain a reliable, scalable and secure web serving infrastructure.

Types of Web Servers

There are different types of web severs available for different use cases. Although all of them support communicating over HTTP and HTTPS, they may different with their own unique set of features.

Shown below in the table are some of the most common web servers:

Application or Web ServerRuns onDescription
Apache HTTPD ServerFreeBSD, Linux, MacOS, WindowsOne of the most widely used web server. It supports all common operating systems.
LighttpdLinuxThis is a lightweight and fast web server used for serving static content.a
Microsoft Internet Information Server (IIS)WindowsDeveloped by Microsoft, it is designed to work on Windows operating systems. Used mostly by companies committed to the Microsoft software stack.
NGINXFreeBSD, Linux, MacOS, WindowsA high performance web server used mostly to serve static content. Its high performance and low resoruce footprint allows it to used extensively in a reverse proxy setup.

In networks where hardware based firewalls are not used or are too costly to implement, NGINX is also used as a load balancer.
NodeJSFreeBSD, Linux, MacOS, WindowsNode.js is a cross-platform, JavaScript runtime environment that allows developers to build high-performance applications using an even based architecture.

It is built on top of Google V8 JavaScript engine and provides a rich set of features.
Open LightSpeedFreeBSD, LinuxAn extremely fast and lighweight web sever. It is used when high concurrency and fast throughput are required.

It supports all the bell and whistles, providing features such as HTTP/3 support, SSL/TLS encryption, and a web-based management interface.

If your use case requires PHP, then this is the fastest PHP server you can find.

How to Choose a Web Server

If you are choosing a web sever for building test websites then most of the ones listed in the section above will work for you, with some exceptions.

Listed below are some factors to consider when selecting the right web server for your needs.

Compatibility

Choose a web server that is compatible with your operating system and other software and tools used within your setup. For example, if you are a FreeBSD or Linux shop then using Microsoft’s IIS web server will not be an option for you.

Cost

There are two types of costs when considering any type of software component. The first is the direct cost, which is the cost to require the web server. The second cost is the indirect cost which is the cost to maintain and run the said web server.

The first is easy to calculate, but the second, indirect costs, requires some effort to estimate. For indirect costs you need to consider the hardware costs and staff costs to maintain such server over the long term.

Open-source web servers, such as Apache HTTP Server and NGINX, are free to use, while commercial web servers, such as Microsoft IIS, may require a license or subscription fee.

Do note that some of the open source servers such as NGINX and Open LightSpeed also available as paid commercial offerrings.

Performance and Scalability

Performance of a web server is critical to the success of a website. A slow server that takes a longer time to respond to incoming client requests will degrade user experience and may end up costing a business in lost customers. Using event-oriented web servers such as Open LightSpeed and NGINX can reduce response times for clients.

Scalability is the ability of a web server to handle increasing traffic loads and user requests within a given time. Using load balancing features of a web server a web serving infrastructure can be scaled up or down on demand.

Security

Choose a web server that has strong security features built into the server, such as firewalls, encryption, and access control. Apache, IIS and NGINX are all known for their strong security features.

Support, Feature and Bug Updates

It is important to have multiple support options available to service issues with web server infrastructure. There are online resources available for all the web servers, but companies may require some type of commercial support services to back up their critical real-time infrastructure.

IIS, NGINX and Open LightSpeed all have commercial paid versions of their web servers. The commercial versions of the software come with support agreement to help resolve bugs and other other support issues.

One more thing to note is that it is important to work with a software that is actively developed. This helps with keeping software up to date and able to guard against buggy code and newly developed threats.

Add-on Features

Every environment has unique requirements. Sometimes more funtionality is required from a web server, such as the ability to filter incoming requests based on IP address location. Ensure that the web server you are selecting has the features you require.

Conclusion

A simple terms, a web server is software that is responsible for serving web content to clients over HTTP or HTTPS.

Its use goes from simple website providing information about what a company does to feature right applications providing mission-critical operational services.

With many excellent options available sometimes it can be difficult to select the right web server for your needs. In this post I have tried to provide you some information to make it easy to understand what a web server is, how it is used and what factors you should consider to select the right one for your specific needs.

Let me know if you have any questions.

Frequently Asked Questions

Web Server vs. Application Server, What is the difference?

Usually, both server types communicate over HTTP(s) protocols to service incoming client requests. But there are a few differences as shown below:

Application ServerWeb Server
HTTP / HTTPSSupport both HTTP and HTTPS protocolsSupport both HTTP and HTTPS protocols
Content-TypeCan serve dynamic or static content directly.Designed to serve static content.

Note: Web servers can also be configured to serve dynamic content with modules.
Resource ConsumptionUsually, application servers are more resource intensive. They consume a higher amount of CPU and memory resources.Web servers are optimized and thus require a lot fewer resources than an application server.
ThroughputSince the resource consumption is higher, an application server usually has a lower threshold for concurrent client request processing.Are designed to serve hundreds of thousands of concurrent connections.
Application vs. Web Servers