A reverse proxy is a type of proxy server that sits in front of web servers and forwards client (also known as web browser) requests to those servers. The proxy server can cache requests for a certain period of time and thus can answer queries faster than the servers where the data resides, thus reducing load and improving the security of those servers. The requested resources are returned to the client, appearing as if they came from the server itself. Reverse proxies are typically internal-facing proxies used to increase security, performance, and reliability.
For better understanding a reverse proxy, it’s helpful to know what a proxy server is, sometimes called a forward proxy. A proxy server is a server that sits in front of a group of client machines and is external-facing, acting as a middle man between client machines and the internet. Forward proxies can be used to access blocked content or to preserve anonymity.
Reverse proxy vs. proxy server
Reverse proxies differ from a proxy in that a reverse proxy acts on behalf of the server, while a proxy acts on behalf of the client. Proxies sit in front of a client and ensure that no origin server ever communicates directly with that specific client. Reverse proxies sit in front of an origin server and ensures no client ever communicates directly with that origin server. The difference is subtle but important.
Benefits of using a reverse proxy
- Load balancing: A reverse proxy can provide a load-balancing solution to distribute a large amount of incoming traffic evenly among the different servers to prevent any single server from becoming overloaded.
- Security: A website or server using a reverse proxy does not have to reveal the IP address of their origin server. This will make it more difficult for malicious parties, who will have to instead attack the reverse proxy itself, which will have tighter security and more resources to fend off the attack.
- Access control: Because there is only a single point of access, users can concentrate access control on that single point. In addition, it’s easier to monitor what goes in and out of the reverse proxy because of the single point of access.
- Caching: A reverse proxy can cache content, meaning that performance will be faster because a large number of website requests can be satisfied at once.