Function of Web Protocols and Their Ports

What are ports and why are they needed?

• Numerical identifiers used by protocols to determine where network traffic should be directed within a system
• Each service on a device communicates through a specific port
• Multiple network applications can function simultaneously without interfering with one another

What are web protocols?

A protocol is a set of rules that define how devices communicate over a network. Each protocol operates on a specific port number which allows computers to determine how to process incoming and outgoing data.

Different protocols specialise in different aspects of web communication, eg:

• Sending and receiving web pages (HTTP/HTTPS)
• Transmitting files (FTP/SFTP)
• Email communication (SMTP/POP3/IMAP)
• Secure communication (SSL/TLS)

Web vs internet: The World wide web (web) is a collection of websites, enabled by the internet. The internet is used for different purposes.

Analogy/summary

Web protocols are like the rules and guidelines for sending and receiving physical letters - they define how data is packaged, transmitted, and received over the internet.

Ports are like virtual doors that allow different types of data to pass through a network. They are like different mailboxes at the post office - each is assigned with a specific number, and different types go to different ports (e.g. letters go to one, packages to another, urgent mail to another).

HTTP (port 80)

Is like the standard mailbox, used for sending and receiving regular letters (webpages) between web browsers and servers.

Default port is 80. It allows web browsers to retrieve web pages from web servers, and defines how requests and responses are formatted and transmitted.

• A client (browser) sends a HTTP request to a web server
• The server processes the request and sends back a HTTP response
• The browser renders the received HTML page

API endpoints

• Defines how different actions are performed on the server - how data is retrieved, modified or deleted
• It is the location on a server where resources are exposed or services are offered - like a doorway that allows applications to talk to the server
• Secured by requiring authentication tokens or API keys

How it works

• Client sends an HTTP request to a specific API endpoint (contains method, URL, optional header, and sometimes data)
• Server listens at the API endpoint and based on method and URL, processes the request and interacts with the backend system
• Server returns HTTP response which includes status code, headers, body
• The client receives the response and processes it

HTTPS (port 443)

Is like a special mailbox with a lock, used for sending sensitive information (secure webpages). When visiting a website that uses HTTPS, the data sent between the browser and the website is encrypted.

Default port is 443. The secure version of HTTP, adding encryption using SSL/TLS to ensure data integrity and confidentiality.

• Encrypts content, then decrypting when received
• Used in banking, ecommerce, and secure websites

DNS (port 53)

Is like a directory service - it looks up the address based on the name.

Default port is 53. Resolves domain names into IP addresses, so users can access websites using readable domain names instead of numerical IP addresses.

FTP (port 20, 21)

Is like a special mailbox and package pickup area, used for sending and receiving large files between computers - one mailbox for sending and one for receiving.

Uses port 20 (data transfer) and 21 (control). Is used for transferring files (upload, download, manage) between a client and a server on a computer network.

• No encryption (data is visible in plain text)

SFTP (port 22)

SSH File Transfer Protocol. Default port is 22. A secure file transfer protocol that provides file access, transfer and management over a secure data stream.

• Uses SSH (Secure Shell) for encryption

SMTP (port 25)

Is like a dedicated mailbox for sending letters (emails) from one mail server to another.

Simple Mail Transfer Protocol. Uses port 25. Sends emails.

POP3 (port 110) and IMAP (port 143)

Are like personal mailboxes that allow you to access your emails stored on the mailserver, either by downloading them (POP3) or viewing remotely (IMAP).

• POP3 (Post Office Protocol v3)
  • Uses port 110 (995 for SSL/TLS versions)
  • Downloads emails from a server to a local device, then removes from the server
• IMAP (Internet Message Access Protocol)
  • Uses port 143 (993 for SSL/TLS versions)
  • Keeps emails stored on the server while syncing multiple devices

How they work together: SMTP sends emails from the sender to the recipient's mail server. POP3/IMAP retrieves emails from the server to the recipient's inbox.

Example: Gmail uses IMAP to allow users to access their email from multiple devices while keeping messages on the server.

SSL/TLS (various ports)

Are like special security envelopes used for important letters. They encrypt the contents of the data to ensure that nobody can read it while in transit.

Do not have specific ports but are often used with protocols like HTTPS (443), SMTP (25, 587), and IMAP (993). SSL (deprecated) and its successor TLS are cryptographic protocols that encrypt data to secure communications between clients and servers. They are commonly used to secure data transmission in HTTPS, SMTP, and other protocols.

TCP/IP

Transmission Control Protocol/Internet Protocol. It is a suite of communication protocols that enable network communication between devices on the internet. It provides end-to-end data transmission.

TCP

Ensures reliable, ordered data transmission by breaking data into packets and reassembling them.

• Ensures data integrity by confirming order and no errors
• Used by web browsing (HTTP/HTTPS), email and file transfers
• Connection oriented (conversation based - sending and acknowledging back and forth)

IP

Handles addressing and routing data packets, so they can reach the correct destination.

• Uses IP addresses to identify devices