Concept of Reverse proxy

Concept of Reverse proxy

A sort of proxy server known as a "reverse proxy" lies in front of one or more web servers and routes incoming client requests to the proper server in accordance with configuration. For web servers, reverse proxies are often used to provide security, improve performance, and control access.

In order words, you can say that a server, application, or cloud service known as a "reverse proxy" sits in front of one or more web servers to intercept and examine incoming client requests before transmitting them to the server and then sending the server's response back to the client.

This supports websites, cloud services, and content delivery networks in terms of security, scalability, and performance (CDNs). One of the deployment options for a cloud access security broker is a reverse proxy service (CASB).

Fig 1.1- Reverse proxy

Thread Protection: A website or service never needs to disclose the IP address of their origin server when a reverse proxy is in place (s). As a result, it is far more difficult for attackers to use a focused attack against them, such a DDoS attack.

Global Server Load Balancing (GSLB): The reverse proxy will route clients to the server that is physically nearest to them when using Global Server Load Balancing (GSLB), which allows a website to be distributed across numerous servers across the world. By reducing the distances requests and responses must travel, load times are reduced.

To reduce the load on web servers and improve performance, a reverse proxy can cache frequently-requested content such as images and videos.

SSL encryption: For an origin server, encrypting and decrypting SSL (or TLS) communications for each client can be computationally expensive. A reverse proxy can be configured to decrypt all incoming requests and encrypt all outgoing responses, allowing the origin server to free up valuable resources.

A reverse proxy can be set up to limit access to specific resources based on the IP address, login information, or other criteria of the client.

Security: As an additional layer of security, a reverse proxy can be set up to require client authentication before sending requests to the web servers.

Rewriting URLs: A reverse proxy can be set up to rewrite URLs, making client-side URLs more adaptable and user-friendly.

Monitoring and logging: A reverse proxy can be set up to record client requests and server responses, giving monitoring and troubleshooting personnel useful information.

How Does a Reverse Proxy Work?

A reverse proxy interfaces with an organization's authentication service while passing through traffic (e.g., single sign-on). The reverse proxy can function inline without an agent after services and applications are set up to transact with it. 

Incoming traffic to managed cloud apps and similar services is immediately diverted to the reverse proxy, providing a simple user experience.

By serving as a go-between or stand-in for the server where the sensitive data is stored, a reverse proxy can shield that data from harm. Client requests are forwarded from the content server to the reverse proxy first, then via any relevant firewalls using a defined port, and then back to the client. 

Although there is no direct communication between the client and the server, the client perceives replies as if there had been.

Step 1: Reverse proxy intercepts a request sent by the client.

Step 2: The reverse proxy redirects the incoming request to the firewall. The reverse proxy can be set to directly respond to requests for files in its cache without connecting with the server. Firewall either denies or sends the request to the server

Step 3: The server replies to the proxy across the firewall, and the reverse proxy replies to the client.

In order to manage access to web servers in a secure and effective manner, reverse proxies are frequently employed in enterprise networks and web hosting settings.

Other Basic articles you may interested in:

Take a look on SASE (Secure Access Service Edge) - The Network DNA
Flashback - Learn IP Addressing! - The Network DNA
Basics: DHCP Client IP address Process - The Network DNA
Top 5 tools to use alongside a firewall for the best network protection in 2020 - The Network DNA
10 Steps to configure Cisco DSL Router - The Network DNA
How traceroute works in the networks ! - The Network DNA
All about IP MTU and IP TCP MSS - The Network DNA
CCNA Basics: Introduction to Wildcard Mask - The Network DNA
Quick about the difference : Load Balancing Vs Load Sharing - The Network DNA
Underlay Vs Overlay Networks - The Network DNA

No comments