Notes

A firewall monitors and controls all incoming and outgoing network traffic, and can be implemented in the hardware or software level. See All Open Ports All ports opened by a program, including those blocked by a firewall. sudo ss -tupln Software Firewall (UFW) # Enable the SSH port if it is being used sudo ufw limit 22/tcp # `limit` is used to prevent bruteforce # Set default connection settings sudo ufw default deny incoming sudo ufw default allow outgoing # Open ports for the services running sudo ufw allow 80/tcp # Web server 1 sudo ufw allow 443/tcp # Web server 2 # Check if UFW is running and is configurations sudo ufw status numbered # Delete an entry sudo ufw delete 2 # Number given by `status numbered` # Enable UFW sudo ufw enable Block Pings Blocking pings prevents hackers from quickly discovering the server. It is still possible to scan all ports on the server and eventually find any open one, but it adds another layer of security. ...

Flask is a web framework for Python. It facilitates the creation of web apps (dynamic web pages). Run Flask Flask comes with its own server for debugging purposes, which can be started with: flask run Folder Structure app.py # main code requirements.txt # required libraries static/ # files that never change templates/ # dynamic files “Hello, name” — Example App templates/index.html <!DOCTYPE html> <html lang="en"> <head> <meta name = "viewport" content="initial-scale=1, width=device-width"> <title>Hello</title> </head> <body> hello, {{ name_placeholder }} <!-- Jinja template --> </body> </html> app.py http://website.domain/?name=Trude ...

HTML is a markup language: The foundation of every website, as it structures content and provides information such as text, images and other media to the browser. Hello World HTML is not a programming language, only formatting to write a document as. The following ‘code’ is valid HTML. Hello, world. A more complete solution, however, would be to define a structure for the document. <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta http-equiv="X-UA-Compatible" content="ie=edge" /> <title>Document</title> </head> <body> <p>Hello, world.</p> </body> </html> HTML uses tags to define a hierarchy. The <head> tag defines metadata for the site, such as the page’s title, encoding types, and any external resources. The <body> tag is the content itself: any paragraphs (<p>), images, forms and scripts, to name a few. ...

HTTP HTTP (Hypertext Transfer Protocol) is a communication protocol used to send messages between the client and server, mainly used for the web. It’s stateless, meaning each request is independent, which is why web browsers often use cookies to save state. Request Structure Request Line: Method, URI, HTTP version (e.g., GET /index.html HTTP/1.1). Headers: Metadata about the request. Body (Optional): Data for POST, PUT, PATCH requests. Response Structure Status Line: HTTP version, status code, reason phrase (e.g., HTTP/1.1 200 OK). Headers: Metadata about the response. Body (Optional): Response data (HTML, JSON, etc.). Methods GET: Retrieve a resource. Should only retrieve data and not have side effects. POST: Submit data to be processed. PUT: Replace a resource. DELETE: Delete a resource. PATCH: Partially modify a resource. HEAD: Retrieve headers only. OPTIONS: Describe communication options. HTTP Headers HTTP headers are key-value pairs providing additional information about requests and responses. ...

HTTP(s) The http protocol sends data as plaintext, which is an issue when sharing sensitive data such as messages and passwords. https uses TLS to encrypt sensitive traffic between the client and server, creating a secure connection between the two. TLS TLS is a form of encryption, used to secure HTTPS connections. TLS replaces SSL (a deprecated protocol), however, the term SSL is still used often. Handshake To establish a secure connection, a ‘handshake’ is performed between the client and the server. ...