What is a Reverse Proxy?
Firstly, What is a Forward Proxy?
Before we dive into the meaning of reverse in the proxy sense, lets first make sure that we understand what a proxy means.
To start, what does ‘proxy mean in English?
The Cambridge English Dictionary defines proxy as:
‘authority given to a person to act for someone else, such as by voting for them…’
This means that a proxy is a method of handing off rights that an individual holds to another individual, who has been given the authority to exercise those rights. Often in legal matter a proxy is denoted by means of a legal document, which can be shown and proof when required.
What Does Proxy Mean in Computer Terms?
In computing terms, a proxy server acts as an intermediary between client and server.
A forward proxy, to give it its full title, works like a gateway, evaluating incoming requests from client applications seeking server resources.
Each incoming request needs to conform to certain rules before being passed to the server on the requesting client’s behalf. Thus, the client application does not access the server directly. The proxy is asked first. It then inspects each incoming request by applying pre-set rules based on the request’s intent before allowing or declining the request
Approved requests are sent to the server in the name of the proxy.
In this way a proxy acts on behalf of a server or bank of servers, reducing server load and minimising security risks to the server.
What then is a Reverse Proxy?
Just like a forward proxy, a reverse proxy server interacts with client applications. However, it responds to client directly. Thus responses to client request originate from the reverse proxy server itself and not from the server.
This distinction allows a reverse proxy server to manipulate incoming requests in interesting ways. For example, a client request can:
- Be converted from HTTPS to HTTP running on an internal network
- Be transformed from a single request into a cascade of smaller operations
- Be diverted to a specific server based on the request intent
- Be returned directly to the client from a static content cache stored on the proxy server itself, not even touching the server
- Be directed to an array of local IP addresses based on the requested HTTP destination of the client request. (This is how multiple websites share a single IP address in a shared hosting space)