What Are Reverse Proxies? When Are They Used?
What are reverse proxies? Are they the same as CDNs?
What are reverse proxies? Are they the same as CDNs?
Reverse proxies are exactly what they sound like: they are the opposite of regular HTTP proxies (which are client-side). Such proxies tend to hide the “true identity” of the origin server(s) — they, in essence, they receive a HTTP/HTTPS request and forward information between you and the origin (in effect, there is a “middleman” preventing users from accessing content directly).
As a result, “reverse proxies” are often found in DDoS protection applications, where end-users cannot discover the “direct IP” and thus should not be able to take a website or application offline.
Passing along users' header information, a reverse proxy usually forwards the Host header so the origin knows what to serve. Apart from this, popular software such as NGINX also supports the ability to forward web sockets -- and newer HTTP connection types (partial QUIC support, etc.).
While reverse proxies are commonly used to hide the identity of an origin server, they can also be used to balance traffic among multiple origins. An example of this would be a PULL zone on a CDN — data is pulled through a CDN node and is forwarded to users once static data has been cached. This benefits users as they see faster load times (servers also tend to be more well connected internationally to the “origin,” so even if you’re requesting content from a server located thousands of kilometres away, you should see a smaller performance hit over requesting directly).
Generally, you will hear about NGINX, Apache, and other web servers being mentioned. These servers thus have two modes of operation:
Having said that, there are dedicated reverse proxies; some of which include HAProxy and Varnish.
Most — if not all CDNs — have a “PULL” zone type. This essentially uses a user-operated backend and many nodes placed in front (an example is below; CDNs usually have many “reverse proxies” to handle requests around the world).
The example uses a single reverse proxy, however the concept should now be easy to understand.
Simply put, while "pull zones" share a common concept (they both "proxy" data to and from a user), CDNs have other features that not all reverse proxies natively implement.
HTTP is a protocol used to connect to web servers by web browsers to request content to view. This is also used to transfer larger files, and is often used for software updates.
HTTP Headers are used to relay information between a server and a client (i.e. responses from a server will contain these "headers").
A proxy is a medium (server) that forwards traffic to a requested destination and vice-versa.
HTTPS refers to a secure HTTP request -- that is, the connection between a client and server is secured and encrypted using a trusted SSL certificate.
Reverse proxies are similar to proxies; though they operate in a "flipped model" where data is exchanged between a client <-> server <-> origin.