Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presented by Michael Rainey South Mississippi Linux Users Group

Published byJared Russell Modified over 6 years ago

Similar presentations

Presentation on theme: "Presented by Michael Rainey South Mississippi Linux Users Group"— Presentation transcript:

1 Presented by Michael Rainey South Mississippi Linux Users Group
Reverse Proxys Presented by Michael Rainey South Mississippi Linux Users Group

2 Reverse Proxy What is a reverse proxy Why use a reverse proxy
How to configure a reverse proxy

3 Reverse Proxy What is a proxy server?

4 Reverse Proxy A proxy server is a dedicated computer or a software system that acts as an intermediary between an endpoint device, such as a computer, and another server from which a user or client is requesting a service.

5 Reverse Proxy What is a forward proxy
A forward proxy is a proxy configured to handle requests for a group of clients under the local Administrators control to an unknown or arbitrary group of resources that are outside of their control. Usually the word “forward” is dropped and it is referred to simply as a proxy. A well known example of a forward proxy is named squid.

6 Reverse Proxy What is a forward proxy

7 Reverse Proxy What is a reverse proxy
In computer networks, a reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers. These resources are then returned to the client as if they originated from the proxy server itself. Apache web server can be configured as a reverse proxy. For the purposes of this discussion Apache will be used in the demo.

8 Reverse Proxy What is a reverse proxy

9 Reverse Proxy Why use a reverse proxy?

10 Reverse Proxy Load Balancing
This is the reverse proxy function that people are most familiar with. Here the proxy routes incoming HTTP requests to a number of identical web servers. This can work on a simple round-robin basis

11 Reverse Proxy Security
A reverse proxy can hide the topology and characteristics of your back-end servers by removing the need for direct internet access to them. You can place your reverse proxy in an internet facing DMZ, but hide your web servers inside a non-public subnet.

12 Reverse Proxy Authentication
You can use your reverse proxy to provide a single point of authentication for all HTTP requests.

13 Reverse Proxy SSL Termination
Here the reverse proxy handles incoming HTTPS connections, decrypting the requests and passing unencrypted requests on to the web servers. This has several benefits: Removes the need to install certificates on many back end web servers. Provides a single point of configuration and management for SSL/TLS Takes the processing load of encrypting/decrypting HTTPS traffic away from web servers. Makes testing and intercepting HTTP requests to individual web servers easier.

14 Reverse Proxy Serving Static Content
Some reverse proxy servers can also act as web servers serving static content. The average web page can often consist of megabytes of static content such as images, CSS files and JavaScript files. By serving these separately you can take considerable load from back end web servers, leaving them free to render dynamic content.

15 Reverse Proxy Caching A reverse proxy can act as a cache. You can either have a dumb cache that simply expires after a set period, or better still a cache that respects Cache-Control and Expires headers. This can considerably reduce the load on the back-end servers.

16 Reverse Proxy Compression
In order to reduce the bandwidth needed for individual requests, the reverse proxy can decompress incoming requests and compress outgoing ones. This reduces the load on the back-end servers that would otherwise have to do the compression, and makes debugging requests to, and responses from, the back-end servers easier.

17 Reverse Proxy Centralized Logging and Auditing
Because all HTTP requests are routed through the reverse proxy, it makes an excellent point for logging and auditing.

18 Reverse Proxy URL Rewriting
Sometimes the URL scheme that a legacy application presents is not ideal for discovery or search engine optimisation. A reverse proxy can rewrite URLs before passing them on to your back-end servers.

19 Reverse Proxy Aggregating Multiple Websites Into the Same URL Space
In a distributed architecture it’s desirable to have different pieces of functionality served by isolated components. A reverse proxy can route different branches of a single URL address space to different internal web servers.

20 Reverse Proxy Aggregating Multiple Websites Into the Same URL Space
Internal Web Servers: Routed from a single external domain:

21 How to configure a reverse proxy in Apache

22 Reverse Proxy External server: smlug.org <Virtualhost *:80>
ServerName smlug.org ProxyRequests off ProxyPass “/ftp” “ ProxyPassReverse “/ftp” “ ProxyPass “/sip” “ ProxyPassReverse “/sip” “ ProxyPass “/vpn” “ ProxyPassReverse “/vpn” “ </Virtualhost>

Download ppt "Presented by Michael Rainey South Mississippi Linux Users Group"

Similar presentations

Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Welcome to Middleware Joseph Amrithraj

Welcome to Middleware Joseph Amrithraj
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
By Vikas Debnath KV IT-Solutions Pvt. Ltd.

By Vikas Debnath KV IT-Solutions Pvt. Ltd.
Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.

Web Caching Schemes1 A Survey of Web Caching Schemes for the Internet Jia Wang.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Web Server Hardware and Software

Web Server Hardware and Software
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Implementing ISA Server Caching. Caching Overview ISA Server supports caching as a way to improve the speed of retrieving information from the Internet.

Implementing ISA Server Caching. Caching Overview ISA Server supports caching as a way to improve the speed of retrieving information from the Internet.
1 Web Content Delivery Reading: Section 9.2.2 and 9.4.3 COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:

1 Web Content Delivery Reading: Section and COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:
Proxy Servers Dr. Ronald Bergmann, CIO, ISO. Proxy servers A proxy server is a machine which acts as an intermediary between the computers of a local.

Proxy Servers Dr. Ronald Bergmann, CIO, ISO. Proxy servers A proxy server is a machine which acts as an intermediary between the computers of a local.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
Web Proxy Server Anagh Pathak Jesus Cervantes Henry Tjhen Luis Luna.

Web Proxy Server Anagh Pathak Jesus Cervantes Henry Tjhen Luis Luna.
Web Cache. Introduction what is web cache?  Introducing proxy servers at certain points in the network that serve in caching Web documents for faster.

Web Cache. Introduction what is web cache?  Introducing proxy servers at certain points in the network that serve in caching Web documents for faster.
1 Enabling Secure Internet Access with ISA Server.

1 Enabling Secure Internet Access with ISA Server.
On the Use and Performance of Content Distribution Networks Balachander Krishnamurthy Craig Wills Yin Zhang Presenter: Wei Zhang CSE Department of Lehigh.

On the Use and Performance of Content Distribution Networks Balachander Krishnamurthy Craig Wills Yin Zhang Presenter: Wei Zhang CSE Department of Lehigh.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
Server Load Balancing. Introduction Why is load balancing of servers needed? If there is only one web server responding to all the incoming HTTP requests.

Server Load Balancing. Introduction Why is load balancing of servers needed? If there is only one web server responding to all the incoming HTTP requests.
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.

Similar presentations

Ads by Google