What is a proxy, forward proxy and reverse proxy?

This blog deep dives into what is a proxy and what are the key differences between forward proxy vs reverse proxy

Aug 09, 2024

What is a proxy?

Before deep-diving into both proxies, let’s understand what a proxy is.

As per Wikipedia, “a proxy server is an application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and possibly performance in the process.”

A proxy server(often called a proxy) usually sits in between any two components of a system. It might be between a client and a server or even between two groups of servers. The proxy server is responsible for doing some common jobs like serving the cached responses, SSL encryption, load balancing, acting as a firewall, etc to take full responsibility for the traffic going from one place to another.

Depending upon the kind of proxy that we are using in our system, it will have different applications:

Forward Proxy: This type of proxy is used to protect the clients accessing the websites via the internet.
Reverse Proxy: This type of proxy is used to guard the web servers from the clients trying to access websites via the internet.

Let’s understand about each of them in depth.

What is a Forward Proxy?

A forward proxy(also known as an Internet-facing proxy) is a server that sits between a client (e.g., a web browser) and the Internet. When a client’s browser makes a request to access a website, the outgoing request is sent to the forward proxy server, which then forwards the request to the destination server. The destination server responds to the forward proxy, which then sends the response back to the client’s browser.

Refer to the image attached to understand where a forward proxy sits.

What are the advantages of a forward proxy?

Caching: Forward proxies can cache frequently requested resources, reducing the need for repeated requests to the destination server. This can improve page load times and reduce bandwidth usage.
Content Filtering & Security: Forward proxies can filter out unwanted content, such as blocking access to certain websites or restricting access to specific resources. Also, the forward proxies can protect clients from malicious content by filtering out suspicious requests and responses
Anonymity: Forward proxies can hide client IP addresses, making it difficult for destination servers to track client activity. Anonymity can be helpful in use cases where we want to hide our clients’ IP addresses and avoid them being a target to an attack.
Request Modification: Forward proxies can modify client requests, such as adding or removing headers, to customize the request before sending it to the destination server.
Access Control: Forward proxies can enforce access controls, such as authentication and authorization, to restrict access to certain resources.

What is a Reverse Proxy?

A reverse proxy(also known as an internal-facing proxy) is a server that sits between a server (e.g., a web server) and the internet. When a client’s browser makes a request to access a website, the incoming request is first accepted by the reverse proxy server, which then forwards the request to the web server. The web server responds to the reverse proxy, which then sends the response back to the client. HA Proxy is a classic example of a reverse proxy.

Refer to the image attached to understand where a reverse proxy sits.

What are the advantages of a reverse proxy?

Server Protection: Reverse proxies can protect origin servers from attacks, such as DDoS attacks, by hiding the origin server's IP address. Similarly, the proxy can block requests from specific geographic locations, restricting access to certain resources. Thus, Reverse proxies can act as a web application firewall (WAF) as a guard for our web servers(servers where the website is hosted)
Load Balancing: Reverse proxies can distribute client requests across multiple origin servers, improving responsiveness and availability. Each incoming request would be intercepted at the reverse proxy first and then later on distributed equally among the web servers.
SSL Termination: Reverse proxies can handle SSL encryption and decryption, offloading this task from the web server and improving performance. Thus, our web servers would have fewer responsibilities and be more efficient in doing other tasks.
Response Modification: Reverse proxies can modify server responses, such as adding or removing headers, to customize the response before sending it to the client (similar to request modification in a forward proxy)
Caching: Reverse proxies can cache frequently requested resources, reducing the need for repeated requests to the web servers.
Content Compression: Reverse proxies can compress content, reducing the amount of data transferred to clients and improving page load times.

While working on some real-world systems, you would find that popular cloud providers like Google Cloud Platform, Cloudflare, AWS Cloudfront, Azure CDN, Akamai, and NGINX all provide reverse proxy as a service.

The reason why reverse proxy is such a popular use case: When you are working on building an application that can be accessed globally, you want your servers to be accessed in the most efficient way possible while being secure.

The cloud providers deploy hundreds of reverse proxy servers throughout the world. When the client’s browsers request to access a website, the DNS resolution points them to the nearest cloud server (acting as a reverse proxy) which in turn routes the request to the web servers if there are no restrictions on the source incoming traffic.

That’s it, folks for this edition of the newsletter. In future editions, I will cover some more algorithms related to location search like quadtree. Stay tuned:)

Please consider liking and sharing with your friends as it motivates me to bring you good content for free. If you think I am doing a decent job, share this article in a nice summary with your network. Connect with me on Linkedin or Twitter for more technical posts in the future!