Reverse proxy
Encyclopedia
In computer network
s, a reverse proxy is a type of proxy server
that retrieves resources on behalf of a client
from one or more server
s. These resources are then returned to the client as though it originated from the reverse proxy itself. While a forward proxy is usually situated between the client application (such as a web browser
) and the server(s) hosting the desired resources, a reverse proxy is usually situated closer to the server(s) and will only return a configured set of resources.
Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information....
s, a reverse proxy is a type of proxy server
Proxy server
In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server...
that retrieves resources on behalf of a client
Client (computing)
A client is an application or system that accesses a service made available by a server. The server is often on another computer system, in which case the client accesses the service by way of a network....
from one or more server
Server (computing)
In the context of client-server architecture, a server is a computer program running to serve the requests of other programs, the "clients". Thus, the "server" performs some computational task on behalf of "clients"...
s. These resources are then returned to the client as though it originated from the reverse proxy itself. While a forward proxy is usually situated between the client application (such as a web browser
Web browser
A web browser is a software application for retrieving, presenting, and traversing information resources on the World Wide Web. An information resource is identified by a Uniform Resource Identifier and may be a web page, image, video, or other piece of content...
) and the server(s) hosting the desired resources, a reverse proxy is usually situated closer to the server(s) and will only return a configured set of resources.
Uses of reverse proxies
- Reverse proxies can hide the existence and characteristics of the origin server(s).
- Application firewall features can protect against common web-based attacks. Without a reverse proxy, removing malware or initiating takedowns, for example, can become difficult.
- In the case of secure websites, the SSL encryptionEncryptionIn cryptography, encryption is the process of transforming information using an algorithm to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information...
is sometimes not performed by the web server itself, but is instead offloaded to a reverse proxy that may be equipped with SSL accelerationSSL accelerationSSL acceleration is a method of offloading the processor-intensive public key encryption algorithms involved in SSL transactions to a hardware accelerator....
hardware. - A reverse proxy can distribute the load from incoming requests to several servers, with each server serving its own application area. In the case of reverse proxying in the neighborhood of web serverWeb serverWeb server can refer to either the hardware or the software that helps to deliver content that can be accessed through the Internet....
s, the reverse proxy may have to rewrite the URL in each incoming request in order to match the relevant internal location of the requested resource. - A reverse proxy can reduce load on its origin servers by cachingCacheIn computer engineering, a cache is a component that transparently stores data so that future requests for that data can be served faster. The data that is stored within a cache might be values that have been computed earlier or duplicates of original values that are stored elsewhere...
static contentStatic web pageA static web page is a web page that is delivered to the user exactly as stored, in contrast to dynamic web pages which are generated by a web application....
, as well as dynamic contentDynamic web pageA dynamic web page is a kind of web page that has been prepared with fresh information , for each individual viewing. It is not static because it changes with the time , the user , the user interaction , the context A dynamic web page is a kind of web page that has been prepared with fresh...
. Proxy caches of this sort can often satisfy a considerable amount of website requests, greatly reducing the load on the origin server(s). Another term for this is web acceleratorWeb acceleratorA web accelerator is a proxy server that reduces web site access times. They can be a self-contained hardware appliance or installable software....
. This technique is also used for the Wikipedia servers. - A reverse proxy can optimize content by compressingData compressionIn computer science and information theory, data compression, source coding or bit-rate reduction is the process of encoding information using fewer bits than the original representation would use....
it in order to speed up loading times. - In a technique known as "spoon feeding", a dynamically generated page can be produced all at once and served to the reverse-proxy, which can then return it to the client a little bit at a time. The program that generates the page is not forced to remain open and tying up server resources during the possibly extended time the client requires to complete the transfer.
- Reverse proxies can be used whenever multiple web servers must be accessible via a single public IP address. The web servers listen on different ports in the same machine, with the same local IP address or, possibly, on different machines and different local IP addresses altogether. The reverse proxy analyses each incoming call and delivers it to the right server within the local area network.
Reverse proxy server software
- aiCacheAiCacheaiCache is an HTTP accelerator and load balancer designed to allow dynamic web pages to scale content by intelligently caching frequently requested content...
is a commercial reverse proxy and a caching reverse proxy. - Airlock, a Web Application Firewall developed and marketed by Switzerland's Ergon Informatik AG. It offers SSL termination, upstream authentication, blacklist and white-list filtering as well as load balancing capabilities.
- Apache HTTP ServerApache HTTP ServerThe Apache HTTP Server, commonly referred to as Apache , is web server software notable for playing a key role in the initial growth of the World Wide Web. In 2009 it became the first web server software to surpass the 100 million website milestone...
may be extended with mod proxyMod proxymod_proxy is an optional module for the Apache HTTP Server .This module implements a proxy/gateway/cache for Apache. It implements proxying capability for or AJP13 , FTP, CONNECT , HTTP/0.9, HTTP/1.0, and HTTP/1.1...
to be used as a reverse proxy; a caching reverse proxy server may be configured using the mod_cache module in conjunction with mod_proxy. - Apache Traffic ServerTraffic ServerThe Apache Traffic Server is a modular, high-performance reverse proxy and forward proxy server, generally comparable to Nginx and Squid. It was created by Inktomi, and distributed as a commercial product called the Inktomi Traffic Server, before Inktomi was acquired by Yahoo!...
, an open source, high-performance routing and caching server. - ApplianSys CACHEbox is a high-performance HTTP/HTTPS/FTP caching proxy appliance supporting reverse- as well as forward deployment modes.
- Arahe SiteCelerate is a commercial high performance reverse proxy with caching and compression. It offers image and text compression.
- ArmorlogicArmorlogicArmorlogic is a security software company founded in 2004 by a group of leading Internet security specialists from some of the world's largest Internet security consulting companies. The Company's product range includes a web application firewall and content load balancer...
Profense, an advanced reverse proxy (with web application firewall module) and content load balancer. - Blue Coat SystemsBlue Coat SystemsBlue Coat Systems Inc. is a network security and network management company based in Sunnyvale, California, United States.It identifies itself as an application delivery network specialist...
ProxySG, a forward proxy that can also be used as a reverse proxy. - F5 NetworksF5 NetworksF5 Networks, Inc. is a networking appliances company. It is headquartered in Seattle, Washington and has development and marketing offices worldwide. It originally manufactured and sold some of the very first load balancing products...
BIG-IP can be used as a reverse proxy with load balancing capabilities and has an optional application security module (ASM) to protect against attacks. - CherokeeCherokee (Webserver)Cherokee is an open-source Cross-platform Web server that runs on Linux, BSD variants, Solaris, Mac OS X, and Microsoft Windows. It is a lightweight, high-performance Web Server/reverse proxy licensed under the GNU General Public License. Its goal is to be fast and fully functional yet still light...
can be used as a reverse proxy as well as a web server and load balancer. - GoAnywhere GatewayLinoma SoftwareLinoma Software is the developer of managed file transfer and encryption solutions. Linoma Software’s customers are primarily made up of mid-sized companies, large enterprises and government entities including city, county and state government...
, an enhanced reverse proxy that allows FTP, FTPS, SFTP and HTTP services without exposing sensitive files in the DMZ or opening incoming ports into the internal network. - Internet Information ServicesInternet Information ServicesInternet Information Services – formerly called Internet Information Server – is a web server application and set of feature extension modules created by Microsoft for use with Microsoft Windows. It is the most used web server after Apache HTTP Server. IIS 7.5 supports HTTP, HTTPS,...
7.0 with URL Rewrite v2 and Application Request Routing can act as a reverse proxy. - LighttpdLighttpdlighttpd is an open-source web server more optimized for speed-critical environments than common products while remaining standards-compliant, secure and flexible...
can be used as a reverse proxy with load balancing capabilities. - LiteSpeed Web ServerLiteSpeed Technologies Inc.LiteSpeed Technologies Inc. is based in New Jersey, USA. It is an information technology company that produces web server software designed specifically for large web sites, such as those of Internet service providers and corporate data centers....
can be used as a transparent reverse proxy server running in front of any web server or application server that supports the HTTP protocol. - McAfee Web Gateway is a product that can act as a reverse proxy. It also provides SSL decryption, caching, anti-virus, anti-spam and other threat detection features.
- Microsoft Forefront Threat Management Gateway (Forefront TMG), formerly known as Microsoft Internet Security and Acceleration Server (ISA Server), is a commercial proxy, firewall and caching solution by Microsoft.
- Netscaler ADC (Citrix Systems), A hardware and software solution providing advanced application and service delivery. Netscaler is a reverse-proxy with high-speed load balancing and content switching, data compression, content caching, SSL acceleration, network optimization, application visibility and application security on a single platform.Citrix Netscaler ADC
- NginxNginxnginx is a Web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. It is licensed under a BSD-like license and it runs on Unix, Linux, BSD variants, Mac OS X, Solaris, and Microsoft Windows.- Overview...
is a web- and reverse proxy server. - Novell Access ManagerNovell Access ManagerAccess Manager is access management product from Novell, Inc., successor to the iChain product. It supports single sign-on for web applications and SSL VPN.- External links :*...
is a commercial security solution which includes a reverse proxy, a policy-based access manager, and SSL VPN. All components use an LDAP-like directory or federation with Liberty and others. - PerlbalPerlbalPerlbal is a Perl-based reverse proxy load balancer and web server. Perlbal is maintained by a group connected to Danga Interactive. The program is in common use by large web sites to distribute the load over a number of servers....
is a PerlPerlPerl is a high-level, general-purpose, interpreted, dynamic programming language. Perl was originally developed by Larry Wall in 1987 as a general-purpose Unix scripting language to make report processing easier. Since then, it has undergone many changes and revisions and become widely popular...
-based reverse proxy load balancer and web server. - PortFusion is an open-source, tiny, multi-protocol, distributed reverse proxy for all types of TCP-based traffic developed at the University of Heidelberg for remote administration and web service routing. Its focus is on maximum throughput, small binary and source code size and easy configuration from the command line.
- PoundPound (networking)Pound is a lightweight open source reverse proxy program and application firewall suitable to be used as a web server load balancing solution. Developed by an IT security company, it has a strong emphasis on security. The original intent on developing Pound was to allow distributing the load among...
is a lightweight, open source reverse proxy. - Secure Entry Server, a Reverse Proxy developed and marketed by Switzerland's United Security Providers AG. It offers SSL termination, filtering, quality of application, integration engine as well as secure login service with a wide range of authentication protocols.
- Squid is a proxy server that may be installed in a reverse proxy configuration.
- StunnelStunnelStunnel is an open-source multi-platform computer program, used to provide universal TLS/SSL tunneling service.Stunnel can be used to provide secure encrypted connections for clients or servers that do not speak TLS or SSL natively. It runs on a variety of operating systems , including most...
can be used as a local SSL reverse proxy. - Sun Java System Web Server includes a reverse proxy module with load-balancing capabilities.
- TinyproxyTinyproxyTinyproxy is a HTTP proxy server daemon for POSIX operating systems. Designed to be fast and small, it is useful when an HTTP/HTTPS proxy is required, but the system resources for a larger proxy are unavailable. Because of this reason, it has been put to uses such as a tether on the iPhone, and on...
is a minimalistic HTTP proxy which can be configured to work as a reverse proxy. - Tivoli Access Manager for eBusiness, WebSEAL is one of IBM's security products with WebSEAL being the reverse proxy.
- Varnish CacheVarnish cacheVarnish is an HTTP accelerator designed for content-heavy dynamic web sites. In contrast to other HTTP accelerators, such as Squid, which began life as a client-side cache, or Apache and nginx, which are primarily origin servers, Varnish was designed from the ground up as an HTTP accelerator...
is a performance-focused, open source reverse proxy. It has a policy configuration language to allow for extension. It features ESIEdge Side IncludesEdge Side Includes or ESI is a small markup language for edge level dynamic web content assembly. The purpose of ESI is to tackle the problem of web infrastructure scaling. It is an application of edge computing....
, SaintMode, DNS director, built-in Load Balancing and native support for Varnish Modules written in C. - WinGateWinGate (computing)WinGate is an Integrated Gateway Management system for Microsoft Windows, providing firewall and NAT services, along with a number of integrated proxy servers and also email services ....
supports reverse-proxying with SSL, authentication, and multiple virtual hosts. - ZeusZeus Web ServerZeus Web Server is a proprietary web server for Unix and Unix-like platforms . Support for AIX, Tru64, and Mac OS X was dropped on 10 June 2008....
is a product that can function as both a forward and reverse proxy, as well as content load balancer.