Reverse Proxy

Security+ πŸ† β€’ Network Security 🌐 β€’ Web Security πŸ•ΈοΈ β€’ Difficulty: premium

Definition

A reverse proxy is a server that sits in front of one or more backend servers and handles client requests on their behalf. It hides the backend servers, controls inbound traffic, and can add security and performance features such as TLS termination, load balancing, rate limiting, and web application firewall protections.

Examples

  • A company places a reverse proxy in front of its web application to terminate HTTPS, apply security headers, and forward traffic to internal servers.
  • A reverse proxy distributes requests across multiple application servers to improve reliability and handle spikes in traffic.

Discover πŸ”Ž

When you publish a web application to the internet, you expose an entry point into your environment. A reverse proxy adds a protective front door. Instead of clients connecting directly to the application servers, they connect to the reverse proxy. The reverse proxy then decides how to route, filter, and protect the traffic.

This design improves security by reducing direct exposure of backend servers and by creating a single place to enforce important controls.

Remember: With a reverse proxy, the client thinks it is talking to the application server, but it is actually talking to the proxy.
Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.