Knowledge of concepts related to URL addresses and domains is important for business purposes. Choosing a name, a domain extension and a URL that are attractive from the marketing standpoint has an impact on the perception of the offer by potential clients.
Be sure to watch the guide “What is a URL and an Internet domain?” on our YouTube channel:
What does a URL consist of?
A URL address, also known as a website address, is the text visible in the address bar of a web browser (e.g. Chrome, Firefox, etc.). It redirects Internet users to specific content made available on the server of a given website’s administrator. For example, by typing in the URL https://dotinum.com/blog/how-to-speed-up-wordpress-website-6-tips/, we open the content of an article titled “How to speed up WordPress website – 6 tips”.
It’s worth knowing that a URL consists of several elements:
- The name of the protocol handling the access to the website: http or https.
- The subdomain name (optional): there can be more than one subdomain and they are separated by a comma, for blog.
- The domain name, for example domeny.tv (.tv is the extension of the national domain of Tuvalu).
- Name of the referenced resource, separated from the domain name by a slash, for example /creative-descriptive-name/ (pl. /kreatywna-nazwa-opisowa/).
Depending on the settings of the so-called direct links on a given website, a URL can have different variants. Most often, this name refers to the content published on the website, although this rule is not always followed.
The domain name is a unique text that we choose at the time of registration. This name is related to the company’s activity, the name of the person preferring to use their personal brand in contacts with customers, or our interests.
When registering a domain name, we actually decide to lease it, because we do not become its owners. We will be able to use it as long as we remember to renew it.
We also need to evaluate the name in terms of marketing. It should be as short as possible and easy to spell (e.g. over the phone).
What is an extension?
The extension that accompanies each domain name is called a Top-Level Domain (TLD). It is the part of the address that can always be found after the dot that follows the name. A Top-Level domain is an Internet domain above which no other domains exist in the Domain Name System (DNS).
Domains and subdomains
The DNS domain name system is hierarchical. It allows you to create subdomains. A subdomain is an internet address created within an existing domain. It allows you to create new pages that may relate to other activities of the website, for example: a blog, discussion board or online store. A popular example of a subdomain is the frequently used www prefix at the very beginning of the URL. We can already guess that in addition to the top-level domains, we can also distinguish:
Second-level domains – a domain located below a top-level one. In Poland, an example of a second-level domain is .com.pl (once commonly used by companies, currently much less popular). A second-level domain will most likely be the domain that you choose to register for yourself or your company.
Third- and fourth-level domains follow second-level domains, for example in www.blog.domeny.tv, blog is the third-level domain, and www is the fourth-level domain. Some of you may remember the times when every URL had to begin with www. This acronym refers to the name of the World Wide Web content sharing service.
Linking to pages in the URL
At the very end of the URL (after the name of the subdomain and the domain, together with its extension), separated by slashes (“/”), you will find a path that starts after the domain extension. The path is most often a sequence of pages separated by a slash that redirects the user to specific content. I have shown examples of different ways of defining this path earlier in Figure 1.
On our Domeny.tv blog we have adopted the rule that the path that follows the domain name, refers to the title of the article, for example: https://blog.domeny.tv/creative-descriptive-name/).
The above-mentioned path consists of:
Protocol name://subdomain name.domain name.extension/path to the article page
Domain names vs. security
I have shown you how URLs are structured. Knowing how URL addresses are built is crucial for Internet users, especially when it comes to security. The most important rule to follow is checking the domain name that a given link redirects to.
Websites dealing with the subject of online security are full of examples of how criminals (so- called hackers) take advantage of the lack of knowledge of some users. Figure 2 shows how hackers tried to impersonate a bank (article on Niebezpiecznik.pl about a fake social media campaign).
Figure 2 Methods of impersonating a bank by manipulating URL addresses. Source: Someone has been attacking clients of the Millennium bank on Facebook, https://niebezpiecznik.pl/post/ktos-od- miesiaca-atakuje-klientow-millennium-na-facebooku/, accessed on 2021-04-30
Of course, none of the addresses belong to the bank, whose website uses the .pl extension. In this case, the criminals redirected users to various sites with the extensions: .host, .fun, .ly, .site. They also included the bank’s name in the section of the address (after a slash) that redirected users to malicious content on their scamming site.
The http and https internet protocols
The very beginning of a URL address contains the name of the protocol used to handle the connection with the server where the website resides. The protocol makes it possible to send content from the server to our browser and back (for example when we order products in our favourite online shop). We can distinguish two standards:
http – a protocol supporting an unencrypted connection between the browser or server and the website.
The abbreviation used in the name of the protocol comes from its English name: Hypertext Transfer Protocol. A website using this protocol is usually marked as “unsecure” by browsers.
https – a protocol supporting an encrypted connection between the browser or server and the website.
The letter “s” added to the name (security) indicates the safety of the connection. Communication is encrypted using the SSL protocol, based on a certificate issued for a given domain name. An encrypted connection is marked with a padlock in the browser’s address bar. However, this symbol does not mean that every page using an encrypted connection is reliable and safe.
URL address and the website’s safety
The unencrypted http protocol can only be used for public content, for example for simple company websites, the so-called “business cards” that don’t even include a contact form for potential customers. Communication with such website can be intercepted at every stage of the transmission, and thus its content can be completely taken over.
That is why I strongly advise against logging into websites that use the http protocol. It is especially not recommended to use http with website administration panels, including the popular WordPress CMS (a typical panel address has the following form: domain/wp-admin).
The encrypted https protocol, as I mentioned above, provides encryption of communication and should be a widely respected standard for websites. Confidential, i.e. encrypted communication, ensures the safety of data when we log into a website (it is impossible to intercept the login and password in a simple manner), but also when we type in something when using it, for example when we purchase our favourite products in an online shop or when we input our data in a contact form.
However, not every page with a “padlock” is safe and reliable. The popular “padlock” is a necessary security condition, but it does not ensure safety. You have to pay close attention to the entire URL and the domain you are actually connecting to.
In Figure 2, I have shown examples of manipulation with the use of various types of URL addresses. It should be emphasised that all these addresses were using the https protocol, i.e. the one with the padlock. The SSL certificate can be even issued for free, for any domain, if the applicant has access rights to it. Therefore, criminals often use it for the domains they register, on the one hand, to make communication more reliable, on the other, to make it harder for simpler security systems to detect a threat.
Knowledge of how a hierarchical domain system and URL address is built is needed not only to be able to efficiently function in the digital world – it is also crucial when administrating websites (for example using WordPress).
It becomes particularly important when assessing the credibility of websites, as criminals very often manipulate URLs in order to impersonate various institutions and companies (including those from the financial industry).