Proxy

✅ Proxy

intermediary between client and server
connect two or more applications using same protocol

• HTTP proxy can function both as server and client
• Proxy recives HTTP client request ➡️ Proxy responds like server

• Proxy can send request to server ➡️ Proxy can act like client

• has own IP address
• user ➡️ send request on internet ➡️ routed to proxy

✅ Public, Private Proxy

✔️ Public Proxy

• proxy that can be used by multiple users
• centralized management
• most proxies are public
• 👍🏻 cost effective
• 👍🏻 for cache proxies, more users ⬆️ more common requests ⬆️ more efficient ⬆️

✔️ Private Proxy

• proxy is dedicated exclusively to one client at a time
• can be used by only one user
• 👍🏻 increased security, as you are the only user, less concern about your information being compromised
• 👍🏻 one user can take full advantage of speed

✅ Functions of Proxy

• Request forwarding

• Security: act like firewall(detect virus)

• Caching: save frequently requested resources in proxy cache 👍🏻 bandwidth saving, improved speed
  

• Load balancing

• SSL termination

• Filtering: control internet usage
  ・ 어린이에게 성인 콘텐츠 차단 위해 필터링 프락시 사용
  

• Access control: 웹 서버, 웹 리소스에 대한 클라이언트 별 접근 제한 ・ 클라이언트 1은 접근하게 해주고
  ・ 클라리언트 2는 접근 못하게 하고
  ・ 클라이언트 3은 접근하기 전 비밀번호 요구
  

• Surrogate: some proxies act like web servers

• surrogate proxy server: also known as reverse proxy or server accelerator

  • Surrogate proxies reviece request like web servers
    
  • but does not hold data itself
    
  • so communicates with other servers to find response
    
  • 👍🏻 improve slow web server response for shared content
    

• Contents router:

  • send request to specific web server like a contents router
    
  • example: A paid for faster service, and B didnt
    
  • content router would send A to cache(faster), but send B to original server
    
  • example: If C paid for filtering service, allow HTTP request to pass filtering proxy
    

• Transcoder

  • Transcoding: chaning data presentation for user
    
  • Transcoder proxy: change body content format before sending it to client
    
  • example: change GIF to JPG, change image size
    
  • compress text file, smaller text size for mobile environment
    
  • also translation into another language for foreign user
    

• Anoymizer: encrypt HTTP message to identify client

  • privacy ⬆️ security ⬆️ anomaly ⬆️
    
  • change user IP address and other identifying information
    
  • delete computer info, OS info from User-Agent header
    
  • delete FROM header to protect user email address
    
  • delete Referer header
    
  • delete cookie header to hide profile information
    

✅ Forward Proxy

exit point for subnet users seeking to connect with resources outside their private network

• send client request to server on behalf of client
• sit between client and internet

• handle outbound traffic from client to internet

• forward proxy server can cache client request
• protect client privacy

• can send client request to server anonymously

  • server can know only proxy server IP address
  • server cannot know client IP address
• content filtering
• access control
• bandwidth optimization

✅ Reverse Proxy

entry point for external systems to access resources within private subnet

• send server response to client
• sit between client and server

• manage inbound trafffic from internet to server

• reverse proxy server can cache client response

• protect server performance

  • client will think of reverse proxy as original server
  • client sends request to reverse proxy server
• load balancing
• compression: compress outgoing content to reduce bandwidth, speed up data transfer
• authentication, single sign on

📌 Gateway

protocol translation if client and server communicates in different protocol act like gatekeepers

• Proxy: connect two or more applications using same protocol
• Gateway: connect two or more applications using different protocol

📌 VPN proxy

• Virtual Private Network is a particular implementation of a proxy serer
• proxy: handle network traffic
• VPN: encrypt the transmitted data

📌 Is WAF a reverse proxy?

• YES, considered to be type of reverse proxy
• Web Application Firewall
• intercepts traffic before reaching server, prevent malicious requests
• prevent SQL injection, XXS, Session Hijacking