Web Applications

Layout
1. Infrastructure
  1. Client-Server
  2. One Server
  3. Many Servers - One Database
  4. Many Servers - Many Databases
2. Components
  1. Client
  2. Server
    1. Webserver
    2. Web Application Logic
    3. Database
  3. Services (Microservices)
    1. Ratings
    2. Payments
    3. Registration
    4. Search
  4. Functions (Serverless)
3. Architecture
  1. Presentation Layer
    1. Consists of UI process components that enable communication with the application and the system
  2. Application Layer
    1. ensures that all client requests (web requests) are correctly processed
  3. Data Layer
    1. determine exactly where the required data is stored and can be accessed
Back End
1. Components
  1. Back End Servers
    1. LAMP
      1. Linux, Apache, MySQL, and PHP
    2. MAMP
      1. macOS, Apache, MySQL, and PHP
    3. XAMPP
      1. Cross-Platform, Apache, MySQL, and PHP/PERL
    4. WINS
      1. Windows, IIS, .NET, and SQL Server
    5. WAMP
      1. Windows, Apache, MySQL, and PHP
  2. Web Servers
    1. Apache
    2. NGINX
    3. IIS
  3. Databases
    1. Relational (SQL)
    2. Non-relational (NoSQL)
  4. Development Frameworks & APIs
    1. Development Frameworks
      1. Laravel (PHP)
      2. Express (Node.JS)
      3. Django (Python)
      4. Rails (Ruby)
    2. APIs
      1. SOAP
      2. shares data through XML
      3. REST
      4. shares data through the URL path
      5. returns the output in JSON format
2. Vulnerabilities
  1. Broken Authentication/Access Control
  2. Malicious File Upload
  3. Command Injection
  4. SQL Injection (SQLi)
  5. Public Vulnerabilities
    1. Public CVE
    2. CVSS
Front End
1. Components
  1. HTML
  2. CSS
  3. JavaScript
2. Vulnerabilities
  1. HTML Injection
  2. Sensitive Data Exposure
  3. Cross-Site Scripting (XSS)
  4. Cross-Site Request Forgery (CSRF)
Distribution
1. open-source
  1. Joomla
  2. WordPress
  3. OpenCart
2. closed source
  1. Wix
  2. DotNetNuke
  3. Shopify