In-depth understanding of HTTP protocol and principle analysis of HTTPS

3.4.2 Implementation principle of https

There are two basic types of encryption and decryption algorithms:

1) Symmetric encryption: There is only one key, encryption and decryption are the same password, and encryption and decryption are fast, typical symmetric encryption algorithm There are DES, AES, etc.;

2) Asymmetric encryption: keys appear in pairs (and the private key cannot be inferred based on the public key, and the public key cannot be inferred based on the private key), and different keys are used for encryption and decryption (public key encryption requires Private key decryption (private key encryption requires public key decryption), which is slower than symmetric encryption. Typical asymmetric encryption algorithms include RSA, DSA, etc.

Let’s take a look at the communication process of https:

Advantages of https communication:

1) The key generated by the client can only be obtained by the client and the server;

2) The encrypted data can only be obtained by the client and the server Only the server side can get the clear text;

3) The communication from client to server is safe.

3.5 http proxy

3.5.1 http proxy server

The full English name of proxy server is Proxy Server, and its function is to act as a proxy for network users to obtain network information. To put it figuratively: it is a transfer station for network information.

A proxy server is a server between the browser and the web server. With it, the browser does not go directly to the web server to retrieve the web page but sends a request to the proxy server. The Request signal will be sent to the proxy first. Server, the proxy server retrieves the information required by the browser and sends it to your browser.

Moreover, most proxy servers have a buffering function, just like a big Cache. It has a large storage space. It continuously stores newly obtained data in its own memory. If the browser requests The data already exists in its local memory and is the latest, then it does not re-fetch the data from the Web server, but directly transmits the data in the memory to the user's browser, which can significantly improve browsing speed and efficiency. .

More importantly: Proxy Server (proxy server) is an important security function provided by the Internet link-level gateway. It works mainly in the conversation layer of the Open Systems Interconnection (OSI) model.

3.5.2 The main functions of http proxy server

The main functions are as follows:

1) Break through your own IP access restrictions and access foreign sites. For example: Internet users such as Education Network and 169 Network can access foreign websites through proxies;

2) Access internal resources of some units or groups, such as FTP of a university (provided that the proxy address is within the allowed access range of the resource), Using the free proxy server in the address segment of the education network, you can use it for various FTP downloads and uploads open to the education network, as well as various data query and sharing services;

3) Break through China Telecom’s IP blockade: China Telecom has many users Access to the website is restricted, and this restriction is artificial. Different servers block addresses differently. So when you can't access it, you can try a foreign proxy server;

4) Improve access speed: Usually proxy servers set up a larger hard disk buffer. When external information passes through, it will also be saved to the buffer. In the zone, when other users access the same information again, the information will be taken out directly from the buffer and passed to the user to improve the access speed;

5) Hide the real IP: Internet users can also hide their own IP through this method IP, protected from attacks.

3.5.3 http proxy icon

The http proxy icon is shown below:

For the client browser, the http proxy server is equivalent to the server.

For the web server, the http proxy server plays the role of the client.

3.6 Implementation of virtual host

3.6.1 What is a virtual host

Virtual host: It divides a certain disk space on the network server for users to place sites, application components, etc., and provides necessary site functions and data storage. transfer function.

The so-called virtual host, also called "website space", is to divide a server running on the Internet into multiple "virtual" servers. Each virtual host has an independent domain name and a complete Internet server (supports WWW, FTP, E-mail, etc.) functions. Different virtual hosts on a server are independent and managed by the user. However, a server host can only support a certain number of virtual hosts. When this number is exceeded, users will experience a sharp drop in performance.

3.6.2 Implementation principle of virtual host

Virtual host is a technology that uses the same WEB server to provide services for websites with different domain names. Apache, Tomcat, etc. can realize this function through configuration.

Related HTTP message header: Host.

For example: Host: www.baidu.com

When the client sends an HTTP request, it will carry the Host header. The Host header records the domain name entered by the client. In this way, the server can confirm which domain name the client wants to access based on the Host header.