Intersites

How to Read a Web Site Address

August 5, 2010 by Eric and Kevin

Take a look at the following image, then answer one question. What is it?

Mailing Address

If you answered "a mailing or postal address", you are correct! We are so familiar with mailing addresses we don't even think about them and can immediately identify any particular part of an address. For example, if I asked you for the city in the address above, you'd immediately and virtually without thought say, "St Charles".

I'd like you to think about how mailing addresses became so familiar. You weren't born with the ability to recognize them.

The answer, of course, we were taught how to read and write addresses, probably way back in grade school. Since then we've seen so many, reading them has become routine and secondhand.

I'm here to tell you class is in session. Today you're going to learn how to read a website address. Being able to read and understand a website address has far greater importance to your safety and security than the ability to read a postal address. The ability to read an address is an absolutely essential skill and should be required knowledge before anyone is allowed to surf the web.

The good news is that learning to read a website address is about as easy as it was learning to read a postal address.

Let's start by realizing that one of the things which makes a postal address easy to read is that they have a format, or structure.

Mailing Address Structure

Yes, the format has some flexibility. The first line might be the name of a company or an individual. There may or may not be a suite or apartment number. Nevertheless, we all know that the first line is usually a name, the second a street address, and the third is city, state and zip in that order. This format was drilled into our heads by Mrs Carvilano, or whomever your 3rd grade teacher was and has been reinforced by the thousands of addresses you've seen since.

For today's lesson, we're going to use the following website address as our example:

Example Website Address

Like mailing addresses, website addresses have a format or structure. Once you learn the format, it becomes much easier to read them.

I should note an important difference between mailing and website addresses. The format of mailing addresses was set up mostly to make them easy to read by humans. The format of website addresses was determined in part because they must be read by humans *and computers*.

One question I'm frequently asked is why website addresses are all "jammed together" with no spaces. The reason is that computers, like humans, need some way of knowing where one thing ends and another begins. We humans use spaces. While hardly anyone ever thinks about how "nothing" can be important, a blank space is critical to our ability to read. Ifyoudon'tthinkso,tryreadingthissentence.

It turns out for a lot of reasons, computers have a hard time using spaces to separate things. Because of that problem, the people who designed the world wide web decided to use forward slashes ('/') to indicate where one thing ends and another begins.

It will take a little time until your brain becomes trained and used to seeing the slashes as separating different elements. As an exercise, I replaced the slashes with spaces so you can start to more easily see the different parts of the website address.

Example Website Address Split

Let's label the different parts of the website address, just like I labeled the different parts of a mailing address in the second image of this article.

Website Address Structure

The first part of the website address is called the "protocol". Computers can use different sets of commands, or "protocols", when talking to one another. When they are talking email, they use the "Simple Mail Transfer Protocol" ("smtp"), or "Post Office Protocol" ("pop") sets of commands. When they are uploading files, they use the "File Transfer Protocol" or "ftp" set of commands. When they are talking about websites, they use the "Hyper Text Transfer Protocol" or "http". If they want to talk about websites secretly, they use the "Hyper Text Transfer Protocol - Secure" or "https".

The protocol is followed by a colon, then two forward slashes. This is a special case where one slash isn't enough for the computer to recognize it as a separator.

The next part of the address is the domain name. One interesting item: while many people automatically type "www." before the domain name, it is not technically required. It is up to each individual company or web designer to decide if they want to use "www." or not.

You can think of the domain name as indicating what company you want to visit.

The next part of the address specifies the "path" to the page you want to view. If the website address doesn't include a page, most websites will show you the "home" page.

Sites with many pages usually group them into folders or "directories". If a site has many, many pages, the website designer may group the folders within folders within folders. The number of folders is completely up to the designer. In the website address example below, the designer has placed the page called "qr_codes" inside a folder called "article" which is itself in a folder called "blog".

Example Website Address with Subfolders

That's all there is to reading a basic website address. More complex sites may have more complex addresses; we'll cover those in another article.

You have enough information now to begin to recognize suspicious addresses. As you read more website addresses, your confidence will grow, just as it did when reading postal addresses. For example, if you saw the following mailing address, you would immediately know something was wrong.

Malicious Mailing Address

In the same way, you should recognize there is something wrong with the address below. We found this link in a hacking attempt against one of our customers.

Malicious Website Address

With your new knowledge that you should look for slashes to indicate the different parts of an address, you should be able to read this address as:

Malicious Website Address Split

not this, which is what the hacker hoped.

Malicious Website Address Hoped

The tipoff in this address is that the domain name (www.facebook.com.login.ru) is odd. The hacker in this case tried to trick the user by sticking a familiar website name "facebook.com" to the left of the real domain name "login.ru". Had the user actually clicked this link, they would have been taken to a site in Russia, not Facebook. The Russian site probably would have installed a virus or malware on the user's computer with dire consequences.

Reading website addresses is an essential skill for surfing the web today. I hope this article gives you the confidence to actually read and understand them.

Posted in Help Me Understand

Blog RSS Suite / 131

Blog Categories


Intercom - Subscribe Now

Facebook Twitter Linked In