First, the concept of agency

I believe everyone has heard of the word agent, which has an irreplaceable role in the network architecture, such as accessing Internet websites through proxies in the local area network, accessing networks that cannot be directly connected through proxies, etc. Proxy servers play an important role in network architecture, and Nginx, as a high-performance web server and reverse proxy server, is widely used in practical applications. This section introduces forward and reverse proxies, including basic concepts, principle analysis, and related configuration cases. (With the development of proxy technology, many websites have also made relevant anti-reverse proxy configurations, and it is possible that you have configured relevant proxies, but you are not allowed to access them.) ）

2. Forward Proxy

1. Basic introduction

Forward proxy means that the proxy server sends a request to the server on behalf of the client. In the forward proxy scenario, the client does not directly access the target server, but through the forward proxy server. Typical use cases for forward proxies include accessing restricted websites, protecting client privacy, and more.

This kind of proxy is actually more common in life, such as accessing foreign website technology, which uses proxy technology. Sometimes, users want to access a foreign website, which cannot be accessed directly in China, but we can access a proxy server, and this proxy server can access this foreign website. In this case, the user's visit to the foreign website needs to forward the request through a proxy server, and the proxy server will also return the request response to the user. This process of surfing the Internet is the use of forward proxies.

2. Principle

When a client initiates a request, the request is first sent to the forward proxy server, which then forwards the request to the destination server, and finally returns the response from the destination server to the client. The core of forward proxy lies in the proxy server as the representative of the client, hiding the real identity of the client, a typical forward proxy technology: VPN network.

• Forward proxies need to be configured on the client, such as adding proxy addresses to the browser.
• A forward proxy is a client proxy, which proxies the client and the server does not know that the client actually initiates the request.
• Access to the target server through a forward proxy server, the target server does not know who the real client is, or even knows that it is a proxy accessing itself (sometimes the agent also directly impersonates the tenant).

3. Usage scenarios

• Break through access restrictions: Through proxy servers, you can break through your own IP access restrictions and access foreign websites, education networks, etc.
• Improve access speed: Proxy servers often set up a large hard disk buffer, which will save part of the request response to the buffer, and when other users access the same information, the information will be directly taken out from the buffer and transmitted to the user to improve the access speed.
• Hide the real IP of the client: Internet users can also hide their IP from attacks in this way.

4. Configure the case

Suppose we need to use Nginx as a forward proxy to access www.baidu.com, we can do this with the following Nginx configuration:

server {
    listen 80;
    server_name a.proxy.xyz;

    location / {
        resolver 8.8.8.8;
        proxy_pass http://www.baidu.com;
    }
}
1.
2.
3.
4.
5.
6.
7.
8.
9.

In this configuration, we define an Nginx service named a.proxy.xyz, and when a client accesses the service, Nginx will proxy the request to the www.baidu.com, realizing forward proxy access to Baidu's website.

3. Reverse Proxy

1. Basic introduction

A reverse proxy is when a proxy server sends a response to a client on behalf of the server. In the scenario of reverse proxy, the client directly accesses the proxy server, and the proxy server is responsible for forwarding the request to the destination server on the backend and returning the response of the destination server to the client. Reverse proxies are often used in scenarios such as load balancing and security protection.

2. Principle

When a client sends a request, the request first reaches the reverse proxy server, which then forwards the request to the destination server on the backend according to the configured rules, and finally returns the response from the destination server to the client. The core of a reverse proxy is that the proxy server hides the true identity of the backend server. Common reverse proxy technology: Nginx load balancing.

A reverse proxy is a server-side proxy, which is a server-side proxy that the client does not know about actually providing services.

3. Usage scenarios

• Hide the real IP address of the server: With a reverse proxy, you can hide the IP address of the server from the client.
• Load balancing: Reverse proxy servers can be load balanced, distributing client requests to different real servers based on the load of all real servers.
• Improve access speed: Reverse proxy servers can provide caching services for static content and dynamic content with a large number of access requests in a short period of time to improve access speed.
• Provide security: Reverse proxy servers can be used as application-layer firewalls, providing websites with protection against web-based attacks (such as DoS/DDoS) and making it easier to troubleshoot malware. It can also provide encryption and SSL acceleration (such as SSL terminal proxy) and HTTP access authentication for backend servers.

4. Configure the case

Suppose we need to use Nginx for load balancing configuration, we can use the following Nginx configuration:

http {  
    # 定义代理服务器地址  
    upstream backend {  
        server backend1.example.com;  
        server backend2.example.com;  
    }  
    # 其他配置项...  
    server {  
        # 监听端口  
        listen 80;  
        # 代理到后端服务器  
        location / {  
            proxy_pass http://backend;  
        }  
    }  
}
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.

In this configuration, the upstream module of Nginx is used to define the address of the backend server, and the proxy_pass directive is used in the location to proxy the request to the defined backend server farm. This configuration makes Nginx a reverse proxy server, forwarding the client's request to the backend server, and then returning the backend server's response to the client.

summary

The proxy technology shared today is still used in life, for example, you can build a proxy by yourself to access relevant websites or provide technical support to those who need it, here is the point, I hope you can understand, for example, how to solve the problem of accessing openai-related interfaces in China, you can use proxies to solve it.