![]() Extranet Publishing: a reverse proxy server facing the Internet can be used to communicate to a firewall server internal to an organization, providing extranet access to some functions while keeping the servers behind the firewalls.However, it does not provide any protection from attacks against the web application or service itself, which is generally considered the larger threat. Security: the proxy server is an additional layer of defense and can protect against some OS and Web Server specific attacks.This especially benefits dynamically generated pages. Spoon feeding: reduces resource usage caused by slow clients on the web servers by caching the content the web server sent and slowly “spoon feeding” it to the client.Compression: the proxy server can optimize and compress the content to speed up the load time.Serve/cache static content: A reverse proxy can offload the web servers by caching static content like pictures and other static graphical content.In such a case, the reverse proxy may need to rewrite the URLs in each web page (translation from externally known URLs to the internal locations). Load balancing: the reverse proxy can distribute the load to several web servers, each web server serving its own application area.This problem can partly be overcome by using the SubjectAltName feature of X.509 certificates. Furthermore, a host can provide a single “SSL proxy” to provide SSL encryption for an arbitrary number of hosts removing the need for a separate SSL Server Certificate for each host, with the downside that all hosts behind the SSL proxy have to share a common DNS name or IP address for SSL connections. Encryption / SSL acceleration: when secure web sites are created, the SSL encryption is often not done by the web server itself, but by a reverse proxy that is equipped with SSL acceleration hardware.There are several reasons for installing reverse proxy servers The use of “reverse” originates in its counterpart “forward proxy” since the reverse proxy sits closer to the web server and serves only a restricted set of websites. All traffic coming from the Internet and with a destination of one of the neighborhood’s web servers goes through the proxy server. Reverse proxies are installed in the neighborhood of one or more web servers. The response from the proxy server is returned as if it came directly from the original server, leaving the client no knowledge of the origin servers. Requests are forwarded to one or more proxy servers which handle the request. Reverse proxies – A reverse proxy (or surrogate) is a proxy server that appears to clients to be an ordinary server. There are varying degrees of anonymity however, as well as a number of methods of ‘tricking’ the client into revealing itself regardless of the proxy being used. An anonymous open proxy allows users to conceal their IP address while browsing the Web or using other Internet services. Gordon Lyon estimates there are “hundreds of thousands” of open proxies on the Internet. Open proxies – An open proxy is a forwarding proxy server that is accessible by any Internet user. A reverse proxy commonly also performs tasks such as load-balancing, authentication, decryption or caching. A reverse proxy is usually an Internet-facing proxy used as a front-end to control and protect access to a server on a private network.A forward proxy is an Internet-facing proxy used to retrieve from a wide range of sources (in most cases anywhere on the Internet).A proxy server that passes requests and responses unmodified is usually called a gateway or sometimes a tunneling proxy.Types of proxy – A proxy server may reside on the user’s local computer, or at various points between the user’s computer and destination servers on the Internet. Today, most proxies are web proxies, facilitating access to content on the World Wide Web and providing anonymity. Proxies were invented to add structure and encapsulation to distributed systems. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server and the proxy server evaluates the request as a way to simplify and control its complexity. It is a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers.
0 Comments
Leave a Reply. |