Why is network proxy technology so popular? Forward proxy | Reverse proxy

2024.02.16

1. The concept of agency

I believe everyone has heard of the word proxy. Proxy plays an irreplaceable role in network architecture, such as accessing Internet websites through proxies in a local area network, accessing networks that cannot be directly connected through proxies, etc. In the network architecture, proxy servers play an important role, and Nginx, as a high-performance web server and reverse proxy server, is widely used in practical applications. Today we introduce forward proxy and reverse proxy, including basic concepts, principle analysis and related configuration cases. (With the development of proxy technology, many websites have also made relevant anti-reverse proxy configurations. It is possible that you have configured the relevant proxy, but you are not allowed to access it.)

2. Forward Proxy

1.Basic introduction

Forward proxy means that the proxy server sends requests to the server on behalf of the client. In the forward proxy scenario, the client does not directly access the target server, but accesses it through the forward proxy server. Typical application scenarios of forward proxy include accessing restricted websites, protecting client privacy, etc.

This kind of proxy is actually quite common in life. For example, when accessing foreign websites, proxy technology is used. Sometimes, users want to access a foreign website. The website cannot be accessed directly in China, but we can access a proxy server, and this proxy server can access the foreign website. In this way, the user's access to the foreign website needs to forward the request through the proxy server, and the proxy server will also return the response to the request to the user. This process of accessing the Internet uses a forward proxy.

2.Principle

When the client initiates a request, the request is first sent to the forward proxy server, then the proxy server forwards the request to the target server, and finally returns the response from the target server to the client. The core of forward proxy is that the proxy server acts as a representative of the client, hiding the client's true identity. Typical forward proxy technology: VPN network.

  • Forward proxy requires relevant proxy configuration on the client, such as adding a proxy address in the browser, etc.
  • The forward proxy is the client proxy, which proxies the client. The server does not know the client that actually initiated the request.
  • When accessing the target server through the forward proxy server, the target server does not know who the real client is, or even knows that the person accessing it is a proxy (sometimes the intermediary directly pretends to be a tenant).

3.Usage scenarios

  • Break through access restrictions: Through the proxy server, you can break through your own IP access restrictions and access foreign websites, education networks, etc.
  • Improve access speed: Often proxy servers set up a larger hard disk buffer and save responses to part of the requests in the buffer. When other users access the same information again, the information is taken out directly from the buffer and passed to users to improve access speed.
  • Hide the client’s real IP: Internet users can also use this method to hide their own IP to protect themselves from attacks.

4. Configuration case

Suppose we need to use Nginx as a forward proxy to access www.baidu.com, we can achieve this through the following Nginx configuration:

server {
    listen 80;
    server_name a.proxy.xyz;

    location / {
        resolver 8.8.8.8;
        proxy_pass http://www.baidu.com;
    }
}
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.

In this configuration, we define an Nginx service named a.proxy.xyz. When the client accesses the service, Nginx will proxy the request to www.baidu.com, realizing forward proxy access to the Baidu website. .

3. Reverse Proxy—Reverse Proxy

1.Basic introduction

A reverse proxy is when the proxy server sends responses to the client on behalf of the server. In a reverse proxy scenario, the client directly accesses the proxy server, and the proxy server is responsible for forwarding the request to the back-end target server and returning the target server's response to the client. Reverse proxies are often used in scenarios such as load balancing and security protection.

2.Principle

When the client sends a request, the request first reaches the reverse proxy server, and then the proxy server forwards the request to the back-end target server according to the configuration rules, and finally returns the response of the target server to the client. The core of a reverse proxy is that the proxy server hides the true identity of the backend server. Common reverse proxy technology: Nginx load balancing.

A reverse proxy is a server-side proxy that acts as a proxy for the server. The client does not know the server that actually provides services.

3.Usage scenarios

  • Hide the server's real IP: Using a reverse proxy, you can hide the server's IP address from the client.
  • Load balancing: The reverse proxy server can perform load balancing and distribute client requests to different real servers based on the load conditions of all real servers.
  • Improve access speed: The reverse proxy server can provide caching services for static content and dynamic content with a large number of access requests in a short period of time, improving access speed.
  • Provide security guarantee: The reverse proxy server can be used as an application layer firewall to provide websites with protection against web-based attacks (such as DoS/DDoS), making it easier to detect malware, etc. It can also provide unified encryption and SSL acceleration (such as SSL terminal proxy) for back-end servers, and provide HTTP access authentication, etc.

4. Configuration case

Assume that we need to use Nginx for load balancing configuration. We can achieve this through the following Nginx configuration:

http {  
    # 定义代理服务器地址  
    upstream backend {  
        server backend1.example.com;  
        server backend2.example.com;  
    }  
    # 其他配置项...  
    server {  
        # 监听端口  
        listen 80;  
        # 代理到后端服务器  
        location / {  
            proxy_pass http://backend;  
        }  
    }  
}
  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.

This configuration uses Nginx's upstream module to define the address of the backend server, and uses the proxy_pass directive in location to proxy the request to the defined backend server group. This configuration makes Nginx become a reverse proxy server, forwarding the client's request to the backend server, and then returning the response from the backend server to the client.

Summarize

The proxy technology shared today has many uses in life. For example, you can build your own proxy to access relevant websites or provide technical support to those who need it. That’s it for now. I hope everyone can understand, such as how to solve the problem of accessing openai in China. Related interfaces can be solved using agents.