A reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers. These resources are then returned to the client as though they originated from the proxy server itself.
In other words, A reverse proxy is usually an Internet-facing proxy used as a front-end to control and protect access from outside Network to a server on a private network. A reverse proxy commonly also performs tasks such as load-balancing, authentication, decryption or caching.
In the general scenario, reverse proxy performs following tasks –
– Check for validity of request from Internet client (based on configured parameters).If rejected, the client is supplied with error message
– If above request if accepted, reverse proxy looks in cache for requested information. If information is available in cache, it is served to the Internet based client.
– If no cached information is available, the reverse proxy sends request to destination Content server inside LAN and further relays the required data to the end client on Internet. The information is cached for future reference.
A reverse proxy does the exact opposite of what a forward proxy does. While a forward proxy proxies in behalf of clients (or requesting hosts), a reverse proxy proxies in behalf of servers. A reverse proxy accepts requests from external clients on behalf of servers stationed behind it just like what the figure below illustrates.
To the client it is the reverse proxy that is providing file transfer services. The client is unknown to the file transfer servers behind the proxy, which are actually providing those services. In effect, whereas a forward proxy hides the identities of clients, a reverse proxy hides the identities of servers.
Reverse Proxies are good for:
- Application Delivery including:
- Load Balancing (TCP Multiplexing)
- SSL Offload/Acceleration (SSL Multiplexing)
- Content Switching/Redirection
- Application Firewall
- Server Obfuscation
- Single Sign On