Reverse Proxy: What Is a Reverse Proxy and Why Use One?
A reverse proxy server retrieves information from one or more other servers, but returns it as though it originated from the reverse proxy server.
Typically, two devices talk directly to one another. You tap out a web address, and you connect with the server that holds the content you want. A reverse proxy changes that relationship.
A reverse proxy sits in front of a website's server. A user connects with the proxy first, and that proxy gathers up content and sends it back. The user may have no idea that they're connecting with an intermediary.
Reverse proxy usage is widespread. In fact, experts say more than 81 per cent of websites have them. If you don't, or you're not quite sure how they work, keep reading.
How does a reverse proxy server work?
If you want to encourage people to communicate with your website's server, but you also want a bit of control over the connection, a reverse proxy can help.
When users attempt to connect with your website's server, the system reroutes the communication to the proxy server at the network edge. The proxy interprets the request, communicates with the website server, and pushes the response back to the user.
In essence, a reverse proxy ensures that no user ever speaks with your website's server directly.
You can build your own reverse proxy server, and plenty of companies do just that. But you can also connect with a company that offers such services. You'll save development, testing, and implementation time.
The benefits of reverse proxy servers
Any company with multiple website servers accessible from just one web address might benefit from a reverse proxy server.
Plenty of other benefits are associated with reverse proxy servers, including:
- Greater security. Use a reverse proxy, and you can shield the true IP address of your website's servers from view. Hackers will have a harder time understanding your setup, and that could lead to a lower risk of devastating attacks.
- Enhanced speed. A proxy server can compress content during transit to ensure it loads quickly and easily for the user.
- Improved load balancing. One server won't get burdened with all the requests coming from visitors all around the world. The proxy server can distribute the work evenly.
- Unified experience. Plenty of companies have several domains and subdomains. For example, you might have a standard web address and a secondary address for your blog. Use a reverse proxy, and you can pull in those subdomains under your single address. Some SEO professionals believe this can result in better performance in search.
These are just a few of the benefits companies cite when they invest in reverse proxy systems. You may have others specific to your organisation and your system.
Drawbacks of reverse proxy systems
While many companies are thrilled with the help that comes with proxies, there are some complications and side effects that could dampen your enthusiasm.
Some find that setups are difficult. Manny reverse proxy systems require a bit of technical know-how and skill to combine with existing systems. It can be frustrating to troubleshoot setups and ensure that everything is working as it should.
Reverse proxy servers aren't immune to hackers either. Some hackers exploit vulnerabilities in the systems, and they take over a company's servers. Others use the technology to make lookalikes of common websites for phishing attacks.
Implementing a reverse proxy can leave you with a false sense of security, all while your website is still under attack. There are certainly security benefits to having one, but you should still stay vigilant.
Understand your options
At Okta, we take security very seriously. We've helped 10,650+ companies secure their digital interactions with customers and employees. Learn more.
References
Usage Statistics of Reverse Proxy Services for Websites. Web Technology Surveys.
What Is a Reverse Proxy, and How Can It Help My SEO? (October 2011). Moz.
HTTP Request Smuggling: Abusing Reverse Proxies. (June 2020). SANS.
New Reverse Proxy Tool Posted on Github Can Easily Bypass 2FA and Automated Phishing Attacks. (January 2019). Techspot.