Reading a web address

This article is one for beginners, if you know how to read a web address correctly you are less likely to fall victim to online fraud such as phishing scams. The reason being that you will be able to judge for yourself how reliable a link or webpage is.

The components that make up a web address are as follows.

Example Web Address
[http://][www].[[ukvoipnet].[com]]/[comparison]

A website address is typically split into between 3 and 5 parts. thes are the protocol being requested ([http://]), the subdomain being requested, in this case www ([www]), the domain being requested ([ukvoipnet]), the Global TLD or Top Level Domain ([com]) and finally the URI or uniform resource indicator ([comparison]).

So what do each of these parts of a web address mean and why should i know them?

• Protocol - The Protocol is the first part of the address, it is commonly "http", "https" or "ftp", however it could be others such as "chrome" for internal operations within a Mozilla Firefox or Google Chrome Browser. This part of the web address is important as it will tell you whether details that you enter into a form on the site, will be encrypted when being sent to the Server, and also that the Server you are sending it to is genuine, Important: Never enter your payment details into a website without the "https" protocol.
   
• Subdomain - This is the second part of the web address after the protocol, On most sites it is usually the default World Wide Web "www" subdomain, it is important to note that a subdomain could be anything and different sites could be operating on different subdomains, for example: www.ukvoipnet.com, wwww.ukvoipnet.com and w1.ukvoipnet.com could point to 3 seperate sites. It is important to recognise subdomains in a web address because they can be used to make domains appear more genuine. eg: http://pay.pal.com or http://goo.gle.com. Important: A subdomain can be anything, there are few restrictions on the word that can be used.
   
• Domain - After protocol for security,  the domain is the most important factor to look for in a web address, this is not easily forged and is locked to the individual or organisation that registered it originally, unless transferred. So for example the domain google.com belongs to Google Inc and a website with this same domain could not exist outside of Google. Phishing scams, whiah aim to steal your details will commonly register a similar domain to a genuine one, such as: login-paypal.com, paypla.com, ppallogin.com. You can find, which is a genuine domain by performing a whois, which will tell you who registered the domain.
   
• Domain TLD - This is also part of the domain and uses many identifiers, for example .co.uk, .co.jp, .com, .ws, .biz. .ac.uk, .co.ie, .gg are all forms of Domain TLD, it identifies the target location of the site geographically or what activity the site undertakes, eg: .ac.uk for UK Academic sites. There is talk of unlocking the Global TLD's to allow users to register their own, for example ukvoipnet.ukvoipnet, however as of the time of writing this article this has not happened yet. Important: A security vulnerability may occur if a site is set up to match a genuine site but has a seperate TLD, for example:  google.com and google.ws could be seperate sites, with google.ws being a forged clone of google.com, which is legitimate.
   
• URI - The Uniform Resource Indicator is used to differentiate pages on a website. The browser needs to know which pages it should request from the server. Therefore a URI or /index.html is different to an URI or about.html, through a use of server side technology, this URI can be rewritten to be a request string rather than a physical page, for example a lot of Content Managed Systems (CMS) use just on physical page, usually the index and pass in a rewritten request. The URI is not usually a security risk or of any concern unless the site has been compromised and a fake page has been created.