Behind Apps #1 — What Are Backend Servers ?

Every App contains 3 parts, Frontend, Backend, Database.
When you open an app, book a ticket, or upload a photo, you’re interacting with a smooth interface (Frontend). But what makes it work? Hidden beneath that frontend is a powerful engine: the backend server. It’s the silent executor of business logic, data processing, and secure communication.

In General, Behind apps,

• Users will interact with the frontend (You set the questions).

• Frontend will understand the user’s question turn it into a request.

• The request will be sent to backend server via APIs (APIs are designed in backend for interaction with data and execute tasks (calling functions)).

• Backend server (a program) will be connected with database server.

• It will look at the request, query database, process logic and respond accordingly.

• The data returns to frontend and it will display data for on the interface for us

In this post, we’ll look into:

• What backend servers do

• How they work under the hood

• Types of servers.

• The protocols they use

• How they talk to databases and other systems

• Security mechanisms involved

• APIs (Application Programming Interface)

📦 What Is a Backend Server?

A backend server is a program or service that listens for client requests (like from a browser, mobile app, or IoT device), processes them, performs logic (including database operations), and returns a response via APIs.

📦 What are APIs ?

API (Application Programming Interface) is the interface your backend exposes so other systems—frontends, mobile apps, or even other backends—can communicate with it.

Think of the API as the menu at a restaurant. You don’t need to know how the kitchen works, you just need to know what you can ask for, and in what format. The backend server is the kitchen, and API is how you place your order.

What does Backend do ?

• Serve APIs (REST, GraphQL, etc.)
  → Like offering a menu: “How do you ask the kitchen for a dish?”

• Handle Business Logic
  → The chef prepares the dish based on the recipe: “How is the dish cooked once ordered?”

• Authenticate and Authorize Users
  → Checking who made the order and whether they’re allowed that dish: “Who placed the order, and are they a VIP?”

• Store & Query Data from Databases
  → Fetching ingredients from storage: “Get what's needed from the pantry.”

• Integrate with External Services (APIs, Queues, etc.)
  → Buying ingredients from another vendor if not in stock: “Order from a nearby store if we’re out.”

• Perform Background Jobs and Scheduled Tasks
  → Prepping for tomorrow or cleaning up after hours: “Chop veggies for later or clean the kitchen after hours.”

⚙️ How Do Backend Servers Work?

Here’s the general flow of a backend server:

1. Startup: A server is initialized using a backend framework (e.g., FastAPI, Express, Django, Spring).

2. Listening: It binds to a port (like 8000) and listens for incoming network requests.

3. Request Handling:

   • Parses HTTP headers and body.

   • Validates the input.

   • Executes business logic (e.g., checking inventory, sending OTP).

   • Queries or updates the database.

   • Prepares a response (JSON, XML, HTML).

4. Response: Sends back data, status codes, or files.

5. Logging: Logs details of the request, execution time, and any errors.

🧱 Types of Backend Servers

1. Monolithic Server

• A single application handling all business logic and data access.

• Easy to start but hard to scale or modularize later.

• E.g., Traditional Django/Flask or Java Spring Boot apps.

2. Microservices

• Each feature is broken into an independent service.

• Services talk via APIs or message queues (like Kafka, RabbitMQ).

• Easier to scale, but more complex to maintain.

3. Serverless

• You write small functions, deploy to the cloud (e.g., AWS Lambda).

• No server to manage. You only pay for execution time.

• Great for event-driven tasks or APIs with bursty traffic.

4. Edge Servers

• Deployed closer to users geographically.

• Handles caching, routing, and sometimes logic at the edge.

• Tools: Cloudflare Workers, Vercel Edge Functions.

📡 Protocols Used by Backend Servers

🗣️ Talking to Databases and Services

Backend servers often communicate with:

🗃️ Databases

• Relational (PostgreSQL, MySQL): Structured data, SQL queries.

• NoSQL (MongoDB, Redis): Schema-less or key-value stores.

• Servers use ORMs (like SQLAlchemy, Prisma) or raw queries to interact.

🔁 External APIs

• Payment gateways (Stripe), SMS (Twilio), OAuth (Google)

• Calls made using HTTP clients (like requests, axios, httpx)

💬 Queues & Background Jobs

• For async tasks (e.g., sending emails, generating reports)

• Tools: Celery, Redis Queue, Sidekiq, BullMQ

🔐 Security Handling in Backend Servers

✅ Authentication

• Verifies who the user is.

• Methods: JWTs, OAuth 2.0, Session cookies, API keys

🛂 Authorization

• Verifies what the user can do (e.g., roles, permissions)

🔒 Transport Security

• HTTPS ensures encrypted data in transit.

• Avoid sending sensitive data in URLs or logs.

🧰 Common Measures

• Input validation and sanitation (to prevent SQL Injection, XSS)

• Rate limiting and throttling (to prevent abuse)

• CORS controls (cross-origin requests)

• Secure headers (Content-Security-Policy, X-Frame-Options)

• Logging and monitoring (for breach detection)

📊 What Can Backend Servers Do?

Backend servers power most critical functions in real-world apps:

• Serve API endpoints

• Manage user accounts, sessions, permissions

• Handle uploads, streaming, or large file processing

• Perform analytics and metric logging

• Notify users via email/SMS/push

• Talk to 3rd-party services

• Schedule recurring jobs (cron, Celery beat)

🧠 In Summary

Backend servers serve APIs to allow structured, secure, and scalable communication between systems. Whether it’s REST, GraphQL, or gRPC, the goal is the same: expose your backend’s power without exposing its internals.