1. What is a Proxy?
Of course, the proxy mentioned here refers to web proxy services, acting as an intermediary between client resource requests and web services that provide those resources:
In computer networking, a proxy server is a server application or appliance that acts as an intermediary for requests from clients seeking resources from servers that provide those resources.
Proxy services can be implemented on the client side, or at any point between the client and the target server:
A proxy server may reside on the user's local computer, or at any point between the user's computer and destination servers on the Internet.
For example, instead of directly requesting from the web service providing target resources, the client requests the proxy service with the complete URL of the target resource:
GET http://en.wikipedia.org/wiki/Proxy_server HTTP/1.1
Accept: text/html
After the proxy service receives it, (the proxy service) requests the specified resource and forwards the response result to the client:
HTTP/1.1 200 OK
Content-Type: text/html; charset UTF-8
2. What is a Reverse Proxy?
"Reverse" is naturally relative to "forward", so, first we need to know what is a forward proxy?
Forward Proxy
A forward proxy is external-facing, oriented toward external resources, used to obtain various data from the network:
A forward proxy is an Internet-facing proxy used to retrieve data from a wide range of sources (in most cases anywhere on the Internet).
It makes resource requests on behalf of clients and returns response results to the corresponding clients. Therefore, a forward proxy is closer to the client and has a closer relationship with the client (relationship with the server is ordinary, not familiar)
Reverse Proxy
A reverse proxy is responsible for redirecting traffic to internal servers according to configuration rules, and external requests are unaware of the existence of the internal network:
A reverse proxy taking requests from the Internet and forwarding them to servers in an internal network. Those making requests to the proxy may not be aware of the internal network.
A reverse proxy is internal-facing, oriented toward internal resources, used as a front-end for access control and protection of servers on private networks:
A reverse proxy is usually an internal-facing proxy used as a front-end to control and protect access to a server on a private network.
Therefore, a reverse proxy is closer to the server and has a special relationship with the server, and only provides limited resources (unlike forward proxies that can obtain various resources from the network):
The reverse proxy sits closer to the web server and serves only a restricted set of websites.
And this proxy relationship is definitely transparent to users, because users don't know whether they're connecting to the origin service or the proxy service:
A reverse proxy (or surrogate) is a proxy server that appears to clients to be an ordinary server.
Whereas users are usually aware of forward proxies, knowing explicitly that they're accessing network resources through a proxy
P.S. Besides forward and reverse proxies, there are also:
-
Open proxy: A forward proxy facing the public (anyone can access)
-
Anonymous proxy: A proxy service that doesn't disclose the client's original IP address
-
Transparent proxy: Passes through requests and responses without any modification, used as Gateway and Router
3. How to Understand "Reverse"?
Reverse proxy and forward proxy work exactly the same way, making it difficult to distinguish them:
Actually, the key difference is that a forward proxy is an intermediary for its associated clients to contact any server, while a reverse proxy is an intermediary for its associated servers to be contacted by any client:
Unlike a forward proxy, which is an intermediary for its associated clients to contact any server, a reverse proxy is an intermediary for its associated servers to be contacted by any client.
That is to say, a forward proxy represents the client, while a reverse proxy represents the server:
A proxy acts on behalf of the client(s), while a reverse proxy acts on behalf of the server(s).
From a directional perspective, a forward proxy requests resources on behalf of the client, while a reverse proxy provides resources on behalf of the server:
[caption id="attachment_2115" align="alignnone" width="806"]
why reverse proxy named as reverse[/caption]
4. What is the Use of Reverse Proxy?
Reverse proxy is commonly used in the following scenarios:
-
Encryption/SSL acceleration: Delegate SSL encryption work to a reverse proxy equipped with SSL hardware accelerators
-
Load balancing: Distribute traffic load to multiple web servers
-
Hosting/caching static content: Delegate static content (such as images) to the reverse proxy to share the origin server's load
-
Compression: Proxy servers can compress and optimize resource content to improve loading speed
-
Security protection: Can shield the existence and characteristics of origin servers, combined with firewalls to defend against common web attacks
-
Access control: Monitor/filter content, commonly used in workplaces, schools, etc.
SSL Acceleration
For HTTP services, SSL encryption can be implemented through a layer of reverse proxy, see [nginx HTTPS Reverse Proxy](/articles/nginx-https 反向代理/) for details
Load Balancing
Reverse proxy can also be used to implement load balancing mechanisms, as shown below:
Client requests are distributed to various servers according to predetermined forwarding rules (i.e., load balancing strategies), and their response results are returned to the corresponding clients
P.S. For more information about load balancing, see Load Balancing_System Design Notes 5
No comments yet. Be the first to share your thoughts.