👶Introduction to Web Applications
Web Applications vs. Websites
Here are the different layouts of a web app:
Category | Description |
| Describes the structure of required components, such as the database, needed for the web application to function as intended. Since the web application can be set up to run on a separate server, it is essential to know which database server it needs to access. |
| The components that make up a web application represent all the components that the web application interacts with. These are divided into the following three areas: |
| Architecture comprises all the relationships between the various web application components. |
For the infrastructure part, web apps can choose different models such as:
Client-Server
One Server
The riskiest design, since all eggs are in one basket.
Many Servers - One Database
It allows different web apps access to the same data without syncing the data between them.
Many Servers - Many Databases
If any web server or database goes offline, a backup will run in its place to reduce downtime as much as possible.
Front End vs. Back End
The front end includes everything that the user sees and interacts with: the page's main elements such as the title and text (HTML), the design and animation of all elements (CSS), and what function each part of a page performs (JavaScript).
The back end, by contrast, drives all of the core web application functionality. All of it is executed on the back end server, which processes everything required for the web application to run correctly.
Here are the four main back end components for web apps:
Component | Description |
| The hardware and operating system that hosts all other components and are usually run on operating systems like |
| Web servers handle HTTP requests and connections. Some examples are |
| Databases ( |
| Development Frameworks are used to develop the core Web Application. Some well-known frameworks include |
Here are the 20 most common mistakes in web apps:
No. | Mistake |
| Permitting Invalid Data to Enter the Database |
| Focusing on the System as a Whole |
| Establishing Personally Developed Security Methods |
| Treating Security to be Your Last Step |
| Developing Plain Text Password Storage |
| Creating Weak Passwords |
| Storing Unencrypted Data in the Database |
| Depending Excessively on the Client Side |
| Being Too Optimistic |
| Permitting Variables via the URL Path Name |
| Trusting third-party code |
| Hard-coding backdoor accounts |
| Unverified SQL injections |
| Remote file inclusions |
| Insecure data handling |
| Failing to encrypt data properly |
| Not using a secure cryptographic system |
| Ignoring layer 8 |
| Review user actions |
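As an added example (not part of the original notes), the code below shows a back-end registration handler that avoids several of the listed mistakes: it re-validates input on the server instead of depending on the client side, keeps invalid data out of the database, uses parameterized SQL, and stores a salted password hash rather than plain text. The table layout, field limits and PBKDF2 iteration count are assumptions.

```python
# Added example, not from the original notes. Table layout, field limits
# and the iteration count are assumptions chosen for illustration.
import hashlib
import hmac
import os
import re
import sqlite3

USERNAME_RE = re.compile(r"[A-Za-z0-9_]{3,32}")  # assumed allow-list
PBKDF2_ROUNDS = 600_000                          # assumed work factor


def init_db():
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    return db


def hash_password(password, salt):
    # Salted, slow key derivation instead of plain text or a bare hash
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def register(db, username, password):
    """Validate on the server, whatever the front end already checked."""
    if not isinstance(username, str) or not USERNAME_RE.fullmatch(username):
        return "invalid username"
    if not isinstance(password, str) or not 12 <= len(password) <= 128:
        return "invalid password"
    salt = os.urandom(16)
    try:
        # Placeholders keep user-supplied values out of the SQL text
        db.execute("INSERT INTO users VALUES (?, ?, ?)",
                   (username, salt, hash_password(password, salt)))
    except sqlite3.IntegrityError:
        return "username taken"
    return "ok"


def check_login(db, username, password):
    row = db.execute("SELECT salt, pw_hash FROM users WHERE name = ?",
                     (username,)).fetchone()
    if row is None:
        return False
    # Constant-time comparison of the stored and recomputed hashes
    return hmac.compare_digest(row[1], hash_password(password, row[0]))
```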