Random posts about ... stuff
by Q
A proxy server is a server application that acts as an intermediary for client requests. Therefore, a proxy server is the middle man that functions on behalf of its client. Because of such centralized approach, a proxy server simplifies or control the complexity of the request and provide additional features such as load balancing, privacy and security.
Gateway/Tunneling proxy Passes unmodified requests and responses
Forward proxy An internet-facing proxy to retrieve data from a wide range of sources
A type of forwarding proxy that is accessible by any Internet user.
- Anonymous proxy
The server reveals its identity as a proxy server but does not disclose its client’s IP address
- Transparent proxy
The server reveals its identity as a proxy server and support HTTP header fields such as X-Forwarded-For which discloses its client’s IP address
Reverse proxy An internal-facing proxy used as a front-end to control and protect access to a server on a private network. It forwards requests to one or more ordinary servers that handle the request. The response from the proxy server is returned as if it came directly from the original server, leaving the client with no knowledge of the original server. It performs task such as:
Encryption/SSL acceleration A reverse proxy that is equipped with SSL acceleration hardware can handle the SSL encryption for the web servers. Therefore, multiple hosts can rely on a single “SSL proxy” for SSL encryption. On the other hands, all hosts are forced to share a common DNS name or IP address for SSL connections. Such problem can be overcome by using the SubjectAltName feature of X.509 certificates.
Load balancing A reverse proxy can distribute the load to several web servers. It may need to rewrite the URLs in each web page.
Server/cache static content A reverse proxy can cache static contents.
Compression A reverse proxy can optimize and compress the content to speed up the load time.
Spoon feeding A reverse proxy can reduce resource usage caused by slow clients by caching the content the web server sent and slowly “spoon feeding” it to the client. It benefits dynamically generated pages.
Security A reverse proxy provides an additional layer of defense to protect against some OS and Web Server specific attacks.
Extranet publishing A reverse proxy provides extranet access to some functions while keeping the servers behind the firewalls. If used in this way, security measures should be considered to protect the rest of your infrastructure in case this server is compromised, at its web application is exposed to attack from the internet.