Difference Between Forward & Reverse Proxy

Two co-brothers doing different works. Both doing opposite works

  • Most prime difference between is Reverse Proxy senses connections from outside(Internet) to your application servers where Forward Proxies filter connections going out from application servers.
  • Reverse Proxies take origin connections from the internet and connect them to one server or a server farm, meaning multiple inbound connections from the internet are pooled into one or more connections to the servers - basically TCP Multiplexing.
  • Reverse proxies are good for a. SSL Offloading b. Delegation to server farm c. Compression d. Load Balancing e. caching f. Single Sign On

  • Forward Proxies are used to filter connections from visiting harmful sites. Best practice is when your application needs to talk to external system that only whitelist 1 IP for incoming connections rather from your server farm.

Examples - Reverse Proxy

<VirtualHost *:80>
     ServerName javapathshala.com
     ServerAlias javapathshala.com
     Redirect / https://javapathshala.com/

<VirtualHost *:443>
    ProxyTimeout 500
    ProxyPreserveHost On
    ProxyVia On

    ServerName javapathshala.com
    ServerAlias javapathshala.com

    SSLEngine on
    SSLCertificateFile /etc/pki/tls/private/jp.crt
    SSLCertificateKeyFile /etc/pki/tls/private/jp.key
    SSLCACertificateFile /etc/pki/tls/private/rootjp.cer

    ErrorLog /var/log/httpd/jp-site-error_log
    TransferLog /var/log/httpd/jp-site-access_log

    ProxyPass / http://xxx.xxx.x.xx/
    ProxyPassReverse / http://xxx.xxx.x.xx/

Examples - Reverse Proxy

<VirtualHost *:8080>
  # Enable forward proxy
  ProxyRequests On
  # Add "Via" header
  ProxyVia On
  #ProxyRemote * http://...:8080 Uncomment to route requests through another proxy
<Proxy *>
  Order deny,allow
  Deny from all
  # Allow access only from local network
  Allow from 192.168.1

# Enable caching proxy
CacheRoot "/tmp"
CacheMaxExpire 24
CacheLastModifiedFactor 0.1
CacheDefaultExpire 1

ServerName my-proxy

ErrorLog "/var/log/httpd/proxy-error.log"
CustomLog "/var/log/httpd/proxy-access.log" common

Web Apache Web Server Proxy Server Load Balancer HA Proxy

Dialogue & Discussion