In this tutorial I’m going to explain the fundamentals of proxies: their types and workflow.
What is a Proxy?
- It is a server that intercepts a request and forwards it to the destination on behalf of the source.
- There are two types of proxy server: forward proxy and reverse proxy.
Let’s dive deeper into these concepts.
1. Forward Proxy
- A forward proxy is a server that hides users from the Internet. It sits in front of a group of user machines.
- When those computers make requests to sites and services on the Internet, the proxy server intercepts those requests and then forwards them to the destination web servers on behalf of those clients, like a middleman.
- It is also called a proxy, proxy server or web proxy.
Let’s take an example of a forward proxy and how it works as a middleman for users.
In the image above you can see that the users send a request to access google.com, and the forward proxy forwards the request to the google.com server on behalf of the users, hiding their original IP address.
Purpose of using Forward Proxy
1. To bypass organisation restrictions
Most organisations restrict some content such as gaming, illegal, shopping and entertainment sites. To bypass this restriction you can use forward proxies.
2. To block illegitimate or malicious content
An organisation can use a forward proxy to prevent users from accessing illegal or unauthorised content.
3. Identity Protection on Web
You can protect your identity online using a forward proxy.
How to Deploy & use Forward Proxy?
- You can deploy a proxy using FortiGate, Check Point, Palo Alto, Sophos, Squid (open source), Barracuda, Symantec Blue Coat, Zscaler etc.
- Public proxy servers, free and commercial, are also available, such as Tor, Psiphon, Ultrasurf, NordVPN, Hotspot Shield etc.
- To use a public proxy server you need to install it on your system and connect to the proxy to bypass the restrictions or to protect your identity online.
- It is available as hardware, as software (virtual machine) and as a service based on AWS, Azure, GCP, Cloudflare CDN etc.
2. Reverse Proxy
- A reverse proxy sits in front of web servers, intercepting requests from clients.
- When clients send requests to the original server of a website, those requests are intercepted at the network edge by the reverse proxy server. After inspecting a request, the reverse proxy server forwards it to the original web server on behalf of the client.
Let’s take an example of a reverse proxy server and how it works as a middleman for web servers.
In the image above you can see that the clients or users send a request to access google.com; these requests are intercepted by the reverse proxy server and then forwarded to the original server of the website.
Purpose of using Reverse Proxy
1. Hiding Original Server IP Address
It is used to hide the original server's IP address, so it becomes harder for an attacker to launch a targeted attack such as DDoS against the server. Instead of the original server, the attacker will target the reverse proxy, which has application DDoS protection to suppress the attack.
2. Server Load Balancing
It is also used to balance the application load as well as the network load across the servers behind the reverse proxy.
3. Global Server Load Balancing
A website can be distributed across several servers around the globe, and the reverse proxy will send clients to the server that is geographically closest to them. This minimises the load time because it decreases the distance that requests and responses travel.
4. SSL Inspection
It can be configured to decrypt all incoming requests and encrypt all outgoing responses, allowing deep inspection of the requests sent by clients so that malicious payloads in them can be blocked.
How to Deploy & use Reverse Proxy?
You can deploy a reverse proxy using Nginx, F5 LTM, FortiGate, Amazon CloudFront, Cloudflare CDN etc.
It is available as hardware, as software (virtual machine) and as a service based on AWS, Azure, GCP, Cloudflare CDN etc.
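As an added example (not part of the original tutorial), here is an Nginx reverse proxy configuration that combines the purposes listed above: origin servers kept on private addresses, load balancing across them, TLS termination for inspection, and a basic per-client rate limit. The hostname, backend addresses, certificate paths and limit values are placeholders chosen for illustration.

```nginx
# Added example: hostname, addresses, paths and limits are placeholders.
# These blocks go inside the http { } context of nginx.conf.

# Per-client request rate limit (basic application-layer flood control).
limit_req_zone $binary_remote_addr zone=per_ip:10m rate=20r/s;

# Pool of origin servers hidden behind the proxy (private addresses).
upstream app_pool {
    least_conn;                                   # pick the least busy origin
    server 10.0.0.11:8080 max_fails=3 fail_timeout=30s;
    server 10.0.0.12:8080 max_fails=3 fail_timeout=30s;
}

server {
    listen 443 ssl;
    server_name www.example.com;

    # TLS terminates here, so requests can be inspected before forwarding.
    ssl_certificate     /etc/nginx/tls/example.crt;
    ssl_certificate_key /etc/nginx/tls/example.key;
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        limit_req zone=per_ip burst=40 nodelay;

        # Forward the request to the pool on behalf of the client.
        proxy_pass http://app_pool;

        # The origin sees the proxy as its peer, so pass the real
        # client details along in request headers.
        proxy_set_header Host              $host;
        proxy_set_header X-Real-IP         $remote_addr;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Redirect plain HTTP to the TLS listener.
server {
    listen 80;
    server_name www.example.com;
    return 301 https://$host$request_uri;
}
```

Check the syntax with `nginx -t` before reloading. The origin servers should accept connections only from the proxy, otherwise their addresses are hidden but still directly reachable.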
Recommendation
It is advisable to use forward proxies to prevent exfiltration in the organisation, and reverse proxies to prevent DDoS and web application infiltration attacks on the web server such as SQL injection, XSS, CSRF and file inclusion, augmented using bots and automated tools.