why - Difference between proxy server and reverse proxy server




why use a reverse proxy (12)

Cloudflare has a great article with images explaining this in details.

Check here: https://www.cloudflare.com/learning/cdn/glossary/reverse-proxy/


What is the difference between proxy server and reverse proxy server?


Forward proxies grant the client anonymity (i.e, think Tor).

Reverse proxies grant back end servers anonymity (i.e, think servers behind a DMZ).


Proxy : It is making the request on behalf of the client. So, the server will return the response to the proxy and the proxy will forward the response to the client. In fact, the server will never "learn" who the client was (client's IP), it will only know the proxy. However, the client definitely knows the server, since it essentially formats the HTTP request destined for the server, but it just hands it to the proxy.

Reverse Proxy : It is receiving the request on behalf of the server. It forwards the request to the server, receives the response and then returns the response to the client. In this case, the client will never "learn" who was the actual server (server's IP) (with some exceptions), it will only know the proxy. The server will or won't know the actual client, depending on the configurations of the reverse proxy.


if no proxy to see from client side and server side are the same: Client -> Server proxy from client side: Client -> proxy -> Server from Server side: Client -> Server reverse proxy from client side: Client -> Server from Server side: Client -> proxy -> Server

So I think if it set up by Client user,it called proxy;if it set up by Server manager it is reverse proxy.

Because the purposes and reasons for setting it up are different, they deal with data in different ways and use different software.

or

   User side         |      Server side
client  <->  proxy  <-> gate_server <->  reverse_proxy <-> realserver

From the perspective of "gate server", one is proxy another is reverse.


A proxy server proxies (and optionally caches) outgoing network requests to various not-necessarily-related public resources across the Internet. A reverse proxy captures (and optionally caches) incoming requests from the Internet and distributes them to various internal private resources, usually for High Availability purposes.


Although my understanding from an apache perspective is that Proxy means that if site x proxies for site y, then requests for x return y.

The reverse proxy means that the response from y is adjusted so that all references to y become x.

So that the user cannot tell that a proxy is involved...


As per my understanding..........

To start with, as everyone knows proxy means "The authority to represent someone else". Now there are two things Forward and Reverse proxy.

FORWARD PROXY Suppose you want to access "google" and "google" in turn will have n number of servers to respond to that particular request.

Now in this case while you are requesting for something from google and you don’t want google to see your IP address then you will use a forward proxy, as explained below.

A----->B----->C

Now here you are A sending a request through B, So C will think that the request is coming from B, not A. In this way you can prevent your clients IP not to be exposed to outer world.

REVERSE PROXY. Now in this case, to make you understand we will take the same case of forward proxy. Here you have requested for something to google which in turn going to send the one request to the app server or another proxy server to get the response. So these things will happen as explained below.

A----->B----->C

          C------>D

          C<------D

A<-----B<-----C From the above diagram you can see that a request has been sent to C from B not from A.Then from C there will be one Request send to D. Similarly the response will go to C from D and then to B and A.

The above diagram says its only the context which matters although both the proxies are acting the same way but client side proxy is hiding client information whereas server side proxy will hide server side information.

Please comment if you feel the above explanation is wrong.


Best explanation here with diagrams:

While a forward proxy proxies in behalf of clients ( or requesting hosts ), a reverse proxy proxies in behalf of servers

In effect, whereas a forward proxy hides the identities of clients, a reverse proxy hides the identities of servers


I found this diagram to be very helpful. It just shows the architecture of a forward vs reverse proxy setup from client to server over the Internet. This image will help you to understand qyb2zm302's post and other posts better.

You can also watch this video from F5's DevCentral by Peter Silva.

Picture Source: Quora. All credits to the person who created this diagram.

It reminded me of the classic proverb:

A picture is worth 1000 words.


Some diagrams might help:

Forward proxy

Reverse proxy


The previous answers were accurate, but perhaps too terse. I will try to add some examples.

First of all, the word "proxy" describes someone or something acting on behalf of someone else.

In the computer realm, we are talking about one server acting on the behalf of another computer.

For the purposes of accessibility, I will limit my discussion to web proxies - however, the idea of a proxy is not limited to websites.

FORWARD proxy

Most discussion of web proxies refers to the type of proxy known as a "forward proxy."

The proxy event, in this case, is that the "forward proxy" retrieves data from another web site on behalf of the original requestee.

A tale of 3 computers (part I)

For an example, I will list three computers connected to the internet.

  • X = your computer, or "client" computer on the internet
  • Y = the proxy web site, proxy.example.org
  • Z = the web site you want to visit, www.example.net

Normally, one would connect directly from X --> Z.

However, in some scenarios, it is better for Y --> Z on behalf of X, which chains as follows: X --> Y --> Z.

Reasons why X would want to use a forward proxy server:

Here is a (very) partial list of uses of a forward proxy server.

  • 1) X is unable to access Z directly because

    • a) Someone with administrative authority over X's internet connection has decided to block all access to site Z.

      • Examples:

        • The Storm Worm virus is spreading by tricking people into visiting familypostcards2008.com, so the system administrator has blocked access to the site to prevent users from inadvertently infecting themselves.

        • Employees at a large company have been wasting too much time on facebook.com, so management wants access blocked during business hours.

        • A local elementary school disallows internet access to the playboy.com website.

        • A government is unable to control the publishing of news, so it controls access to news instead, by blocking sites such as wikipedia.org. See TOR or FreeNet.

    • b) The administrator of Z has blocked X.

      • Examples:

        • The administrator of Z has noticed hacking attempts coming from X, so the administrator has decided to block X's IP address (and/or netrange).

        • Z is a forum website. X is spamming the forum. Z blocks X.

REVERSE proxy

A tale of 3 computers (part II)

For this example, I will list three computers connected to the internet.

  • X = your computer, or "client" computer on the internet
  • Y = the reverse proxy web site, proxy.example.com
  • Z = the web site you want to visit, www.example.net

Normally, one would connect directly from X --> Z.

However, in some scenarios, it is better for the administrator of Z to restrict or disallow direct access and force visitors to go through Y first. So, as before, we have data being retrieved by Y --> Z on behalf of X, which chains as follows: X --> Y --> Z.

What is different this time compared to a "forward proxy," is that this time the user X does not know he is accessing Z, because the user X only sees he is communicating with Y.
The server Z is invisible to clients and only the reverse proxy Y is visible externally. A reverse proxy requires no (proxy) configuration on the client side.

The client X thinks he is only communicating with Y (X --> Y), but the reality is that Y forwarding all communication (X --> Y --> Z again).

Reasons why Z would want to set up a reverse proxy server:

  • 1) Z wants to force all traffic to its web site to pass through Y first.
    • a) Z has a large web site that millions of people want to see, but a single web server cannot handle all the traffic. So Z sets up many servers and puts a reverse proxy on the internet that will send users to the server closest to them when they try to visit Z. This is part of how the Content Distribution Network (CDN) concept works.
  • 2) The administrator of Z is worried about retaliation for content hosted on the server and does not want to expose the main server directly to the public.
    • a) Owners of Spam brands such as "Canadian Pharmacy" appear to have thousands of servers, while in reality having most websites hosted on far fewer servers. Additionally, abuse complaints about the spam will only shut down the public servers, not the main server.

In the above scenarios, Z has the ability to choose Y.

Links to topics from the post:

Content Delivery Network

forward proxy software (server side)

reverse proxy software for HTTP (server side)

reverse proxy software for TCP (server side)

see also: