The previous answers were accurate, but perhaps too terse.
I will try to add some examples.
First of all, the word "proxy" describes someone or something acting on behalf of someone else.
In the computer realm, we are talking about one server acting on behalf of another computer.
For the purposes of accessibility, I will limit my discussion to web proxies - however, the idea of a proxy is not limited to websites.
FORWARD proxy
Most discussion of web proxies refers to the type of proxy known as a "forward proxy."
The proxy event, in this case, is that the "forward proxy" retrieves data from another web site on behalf of the original requester.
A tale of 3 computers (part I)
For an example, I will list three computers connected to the internet.
- X = your computer, or "client" computer on the internet
- Y = the proxy web site, proxy.example.org
- Z = the web site you want to visit, www.example.net
Normally, one would connect directly from X --> Z.
However, in some scenarios, it is better for Y --> Z on behalf of X, which chains as follows: X --> Y --> Z.
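To make the X --> Y --> Z chain concrete, here is a minimal sketch of how the client X could be told to send its requests through Y, using Python's standard urllib. The host names come from the example above; the port 3128 and the helper name build_forward_proxy_opener are my own assumptions, not something a particular proxy requires.

```python
import urllib.request

# Hypothetical addresses based on the example above; port 3128 is an assumption.
PROXY_URL = "http://proxy.example.org:3128"   # Y, the forward proxy
TARGET_URL = "http://www.example.net/"        # Z, the site X wants to visit


def build_forward_proxy_opener(proxy_url):
    """Return an opener that routes HTTP and HTTPS requests through proxy_url."""
    handler = urllib.request.ProxyHandler({"http": proxy_url, "https": proxy_url})
    return urllib.request.build_opener(handler)


opener = build_forward_proxy_opener(PROXY_URL)
# Calling opener.open(TARGET_URL) would now travel X --> Y --> Z
# instead of X --> Z. It is left as a comment because the hosts are placeholders.
```

The point to notice is that the configuration lives on X: the client knows about Y and chooses to use it.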
Reasons why X would want to use a forward proxy server:
Here is a (very) partial list of uses of a forward proxy server:
REVERSE proxy
A tale of 3 computers (part II)
For this example, I will list three computers connected to the internet.
- X = your computer, or "client" computer on the internet
- Y = the reverse proxy web site, proxy.example.com
- Z = the web site you want to visit, www.example.net
Normally, one would connect directly from X --> Z.
However, in some scenarios, it is better for the administrator of Z to restrict or disallow direct access and force visitors to go through Y first.
So, as before, we have data being retrieved by Y --> Z on behalf of X, which chains as follows: X --> Y --> Z.
What is different this time, compared to a "forward proxy," is that the user X does not know he is accessing Z, because the user X only sees that he is communicating with Y.
The server Z is invisible to clients and only the reverse proxy Y is visible externally. A reverse proxy requires no (proxy) configuration on the client side.
The client X thinks he is only communicating with Y (X --> Y), but the reality is that Y is forwarding all communication (X --> Y --> Z again).
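As a rough illustration of Y forwarding requests to Z, here is a minimal sketch of a reverse proxy built only on Python's standard library. It handles plain GET requests and nothing else; the function names make_reverse_proxy_handler and make_reverse_proxy are hypothetical, and real reverse proxy software does far more (other methods, header forwarding, streaming, TLS, caching).

```python
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Y talks to Z directly, ignoring any proxy settings in the environment.
_direct_opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))


def make_reverse_proxy_handler(backend_base_url):
    """Build a handler class that relays GET requests to backend_base_url (Z).

    backend_base_url is expected without a trailing slash,
    e.g. "http://127.0.0.1:8080".
    """

    class ReverseProxyHandler(BaseHTTPRequestHandler):
        def do_GET(self):
            # Y fetches the same path from Z on behalf of X.
            try:
                with _direct_opener.open(backend_base_url + self.path) as upstream:
                    status = upstream.status
                    body = upstream.read()
                    content_type = upstream.headers.get("Content-Type", "application/octet-stream")
            except urllib.error.HTTPError as err:
                # Relay error responses from Z (404, 500, ...) unchanged.
                status = err.code
                body = err.read()
                content_type = err.headers.get("Content-Type", "application/octet-stream")
            # X only ever sees this response coming from Y.
            self.send_response(status)
            self.send_header("Content-Type", content_type)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)

        def log_message(self, format, *args):
            pass  # keep the sketch quiet

    return ReverseProxyHandler


def make_reverse_proxy(backend_base_url, host="127.0.0.1", port=0):
    """Create (but do not start) the reverse proxy server Y; port 0 picks a free port."""
    return ThreadingHTTPServer((host, port), make_reverse_proxy_handler(backend_base_url))

# Usage: make_reverse_proxy("http://127.0.0.1:8080", port=8000).serve_forever()
```

Note that nothing changes on X: the client simply requests a page from Y's address, and the address of Z appears only in Y's own configuration.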
Reasons why Z would want to set up a reverse proxy server:
- 1) Z wants to force all traffic to its web site to pass through Y first.
- a) Z has a large web site that millions of people want to see, but a single web server cannot handle all the traffic. So Z sets up many servers and puts a reverse proxy on the internet that will send users to the server closest to them when they try to visit Z. This is part of how the Content Delivery Network (CDN) concept works.
- 2) The administrator of Z is worried about retaliation for content hosted on the server and does not want to expose the main server directly to the public.
- a) Owners of spam brands such as "Canadian Pharmacy" appear to have thousands of servers, while in reality most of their websites are hosted on far fewer servers. Additionally, abuse complaints about the spam will only shut down the public servers, not the main server.
In the above scenarios, Z has the ability to choose Y.
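The "send users to the server closest to them" idea from scenario 1a can be sketched as a simple lookup that the reverse proxy performs before forwarding. The region codes, backend host names, and the function pick_backend are all made up for illustration; a real CDN decides "closest" with much more sophisticated means.

```python
# Hypothetical backends operated by Z, keyed by a coarse client region.
BACKENDS_BY_REGION = {
    "eu": "http://eu.backend.example.net",
    "us": "http://us.backend.example.net",
    "asia": "http://asia.backend.example.net",
}
DEFAULT_REGION = "us"  # assumption: fall back to one region when the client's is unknown


def pick_backend(client_region):
    """Return the backend the reverse proxy Y should forward this client to."""
    return BACKENDS_BY_REGION.get(client_region, BACKENDS_BY_REGION[DEFAULT_REGION])
```

Because the choice is made by Y, Z can add, remove, or move backends without any visitor noticing.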
Links to topics from the post:
Content Delivery Network
Forward proxy software (server side)
Reverse proxy software for HTTP (server side)
Reverse proxy software for TCP (server side)
See also: