A registrar is where you purchase a domain name. A domain name is something like spyrosoft.com. Domain names cost approximately $10 per year.
A host is where you put your website files. Most hosts cost approximately $120 per year, though this cost can vary quite a bit.
Good registrars are very rarely good hosts and vice versa. I recommend registering your domain names separately from your host.
A great registrar is internet.bs. The price is right and it has all the bells and whistles you might need including free private whois. The user experience is a bit lacking, but it's worth it.
For websites running php that fit shared hosting, DreamHost is the best option available. A single account offers unlimited domain names, email accounts, linux users (awesome), databases, bandwidth, and free SSL certificates.
If you know of any better services out there, please let me know.
Often people will come to me for help after having attempted to set up their own website. While I approve of this valiant effort, it almost always saves beginners money and their rebound developer headaches if they ask for advice first.
Let's talk about cPanel. If you don't already know, cPanel is an open source project written in php with the goal of making it easier for the average person to manage host settings for their websites. Almost all php hosts use cPanel. (godaddy, bluehost, hostgator, etc.)
A serious security issue stems directly from cPanel. All of the websites are placed together in the same directory. This makes all of the websites only as secure as the weakest website. In general it is a good idea to avoid cPanel altogether.
Horror Story Time!
Some friends of mine had an account at BlueHost. There were ten or so WordPress websites. One of the sites got hacked, then all of the sites got hacked. The hacker began sending out massive amounts of spam and replaced much of the website content with malicious content. After some time BlueHost shut down the account. Which is reasonable. However, BlueHost makes no distinction between web hosting accounts and email accounts. Everyone's email went down. Additionally, it turned out that the Restore Backup button did absolutely nothing. Backups are a "feature" that costs an extra monthly fee. Most of the website content is gone forever.
A server is a computer, albeit a weird looking one:
It can be anywhere in the world, connected to the Internet. Most servers use the Linux operating system.
Quite a lot happens every time you visit a webpage. Let's walk through it step by step:
It's not quite this simple. If you would like further details, please ask me.
In the context of the web, a platform is an online service which offers a web interface for creating and modifying your own websites.
The client side (or the front end) refers to everything that happens in the browser. In particular:
The server side (or the back end) refers to everything that happens on the server. As opposed to the client side, the server side is able to run any type of software. Some common web programming languages are:
Rather than create a great deal of code every single time a website is created, it makes more sense to create a framework which can be reused over and over again for lots of different websites.
The most popular framework for the every day person's website is WordPress. Drupal is up there.
New languages are created when programmers find they do not have the correct tools to accomplish a certain, usually specific, type of goal. Frameworks are created when the community using a language finds they do not have the correct tools to accomplish a certain, usually specific, type of goal.
A database is very similar to a collection of spreadsheets. In database terms each spreadsheet is known as a table. Tables have columns and rows. When a table is created each of the columns is set up to store a certain type of information in order to speed things up and save disk space. Records are stored as rows of data.
Most small websites use shared hosting. This means that there is one server which hosts lots of different people's websites. Access to the server configuration itself is unavailable. Instead the server is set up for a specific type of hosting which everyone uses. It can handle a low to medium sized amount of traffic.
The second most common type of hosting is vps (virtual private server). This means that a server is running multiple virtual machines. The processing power and memory of the server are shared between them. This service is useful if your developer needs full control over the inner workings of the server. It can handle a medium amount of traffic.
The third type of hosting is called dedicated. An entire server is dedicated to you. It can handle a large amount of traffic.
Beyond this is the use of multiple servers in a cluster. Each server is set up to display the same information and traffic is split up between them. It can handle a very large amount of traffic.
Why does the https in the URL matter so much?
When you send sensitive information such as your credit card number over the internet it has to be concealed from anyone who can see the data while it is on transit.
Without going into too much technical detail, the technique to accomplish this is called public key cryptography. The receiving end creates a Public Key which the rest of the world has access to. At the same time it creates a Private Key which no one else has access to.
Whenever person A (we'll call her Alice), wants to send secret information to person B (Bob), Alice uses Bob's Public Key to jumble the sensitive data into seemingly random 1s and 0s. (Wizardry, I know.) The random looking data can then safely be sent across the network. Even if someone were to intercept the data along the way, there is nothing that can be done with the random looking data. (As of 2016, but that's a conversation for another time.)
When the random looking 1s and 0s reach their destination, Bob uses his Private Key to convert the data back into meaningful content.
This is all fine and dandy, right? Well, what would happen if this is the first time you receive a copy of a Public Key? Couldn't a theif on the network intercept it, swap it out with their own Public Key, and pretend to be the person you are corresponding with?
This is called a Man In The Middle Attack. This is why Certificate Authorities exist. Everyone on the network has an official copy of the Certificate Authorities' Public Keys. These are uptaded every six months or so. Your computer communicates with the Certificate Authority to make sure you have recieved the proper Public Key from the receiving end with no funny business. Then everything proceeds as described above.