What is a Proxy Server?
A proxy server functions as a middleman for requests from customers trying to access data from other servers.
A customer links to the proxy server to ask for a service that is available on another server, and the proxy server examines the request to reduce and control its complexity.
A reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers. These resources are then returned to the client as though they originated from the proxy server itself.
In other words, A reverse proxy is usually an Internet-facing proxy used as a front-end to control and protect access from outside Network to a server on a private network. A reverse proxy commonly also performs tasks such as load-balancing, authentication, decryption or caching.
Reverse Proxy: Tasks Performed
In the general scenario, reverse proxy performs following tasks –
- Check for validity of request from Internet client (based on configured parameters).If rejected, the client is supplied with error message
- If above request if accepted, reverse proxy looks in cache for requested information. If information is available in cache, it is served to the Internet based client.
- If no cached information is available, the reverse proxy sends request to destination Content server inside LAN and further relays the required data to the end client on Internet. The information is cached for future reference.
How does Reverse Proxy work?
A reverse proxy does the exact opposite of what a forward proxy does. While a forward proxy proxies in behalf of clients (or requesting hosts), a reverse proxy proxies in behalf of servers. A reverse proxy accepts requests from external clients on behalf of servers stationed behind it just like what the figure below illustrates.
To the client it is the reverse proxy that is providing file transfer services. The client is unknown to the file transfer servers behind the proxy, which are actually providing those services. In effect, whereas a forward proxy hides the identities of clients, a reverse proxy hides the identities of servers.
Benefits of a Reverse Proxies
- Load balancing: Reverse proxies are able to balance the traffic on the main server by dispersing the load across multiple servers. Additionally, they direct the clients to the servers that are closest to their location, which results in faster response times.
- Security: The IP address of your primary server is hidden, which safeguards against potential threats, like DDoS strikes. Moreover, you can put a web application firewall on your reverse proxies for extra defense from cyber attackers and bots.
- Encryption tool: Securing data with encryption can come with a big price tag for an origin server, but running reverse proxies can assist with the costs. They can decrypt any requests sent to the server and encrypt the responses that are sent out (SSL/TSL).
- Global Server Load Balancing (GSLB): Global server load balancing (GSLB) is a form of load distribution that uses a reverse proxy across the globe. Through this process, requests to a website will be spread out according to the geographic position of the people requesting it. This means that the requests don’t have to travel as far, which ultimately leads to faster loading times for the end user.
- Caching: Reversed proxies are able to cache content, thus enhancing the efficiency of the system, decreasing the amount of time it takes for pages to load and providing clients with better content delivery.
- SSL Encryption: Encrypting data using SSL can be expensive, especially when there is a high volume of data that needs to be deciphered from different clients. Utilizing a reverse proxy can simplify the process, as the SSL encryption can be done on the proxy itself.
Reverse Proxies are good for:
- Application Delivery including:
- Load Balancing (TCP Multiplexing)
- SSL Offload/Acceleration (SSL Multiplexing)
- Content Switching/Redirection
- Application Firewall
- Server Obfuscation
- Single Sign On (SSO)