To publish web pages, you'll need a web server. The server listens for requests for web browsers and returns the web pagees specified in those requests. Web servers and web browsers communicate by using the Hypertext Transfer Protocol (HTTP), a protocol created specifically for the request and transfer of hypertext documents over the Web. Because of this use, web servers often are called HTTP servers.
Other Things Web Servers Do
Although the web server's primary purpose is to answer requests from browsers, it's responsible for several other tasks. You'll learn about some of them in the following sections.
File and Media Type Determination
In Lesson 11, "Integrating Multimedia: Sound, Video, and More," you learned about content types and how browsers and servers use file extensions to determine file types. Servers are responsible for telling the browsers what kinds of content the files contain. Web servers are configured so that they know which media types to assign to files that are requested. In "Questions to Ask Your Webmaster" later in this lesson, you'll learn about some of the important questions you should ask your web presence provider or webmaster before you publish your pages.
The web server also is responsible for very rudimentary file managementmostly in determining where to find a file and keeping track of where it's gone. If a browser requests a file that doesn't exist, the web server returns the HTTP error code 404 and sends an error page to the browser. You can configure the web server to redirect from one URL to another, automatically pointing the browser to a new URL for files that have moved. Servers can also be set up to return a particular file if a URL refers to a directory on a server without specifying a filename.
Finally, servers keep log files for information on how many times each URL on the site has been accessed, including the address of the computer that accessed it, the date and, optionally, which browser they used, and the URL of the page that referred them to your page.
Server-Side Scripts and Forms Processing
In addition to serving up static documents like HTML files and images, most web servers also offer the option of running scripts or programs that generate documents on the fly. These scripts can be used to create catalogs and shopping carts, discussion boards, clients to read email, or content management systems to publish documents dynamically. In fact, any website that you find that does more than just publish plain old documents is running some kind of script or program on the server. There are a number of popular scripting platforms available for writing web applications. Which one is available for your use depends in part on which web server you're using. PHP is probably the most popular choice. It's easy to get started with and runs on most servers. Other popular choices include Active Server Pages (or ASP), which runs on Microsoft Windows, or Java Server Pages (JSP), which can run on most servers. The old standby is CGI, which stands for the Common Gateway Interface. It provides a way for the web server to talk to external programs written in just about any language. Traditionally the most popular choice for writing CGI scripts is Perl.
Server-Side File Processing
Some servers can process files before they send them along to the browsers. On a simple level, there are server-side includes, which can insert a date or a chunk of boilerplate text into each page, or run a program. Some of the access counters you see on web pages are run in this way. Also, you can use server-side processing in much more sophisticated ways to modify files on the fly for different browsers or to execute small bits of code embedded in your pages.
Authentication and Security
Password protection is provided out of the box by most web servers. Using authentication, you can create users and assign passwords to them, and you can restrict access to certain files and directories. You can also restrict access to files or to an entire site based on site names or IP addresses. For example, you can prevent anyone outside your company from viewing files that are intended for empoyees. It's common for people to build custom authentication systems using server-side scripts as well.
For security, some servers now provide a mechanism for encrypted connections and transactions using the SSL (Secure Socket Layer) protocol. SSL allows the browser to authenticate the server, proving that the server is who it says it is, and an encrypted connection between the browser and the server so that sensitive information between the two cannot be understood if it is intercepted.