A reverse proxy acts as a representative of a web server, handling incoming requests from clients on its behalf. This web server can be a single server or multiple servers. Additionally, it can be an application server such as Gunicor
In either scenario, a request would come in from a client through the internet at large. Normally, this request will go directly to the web server that has the resources the client is requesting. Instead, a reverse proxy acts as an intermediary, isolating the web server from direct interaction with the open internet.
From a client’s perspective, interacting with a reverse proxy is no different from interacting with the web server directly. It is functionally the same, and the client cannot tell the difference. The client requests a resource and then receives it, without any extra configuration required by the client.
Reverse proxies grant features such as:
Centralized security for the web server layer.
Directing incoming traffic based on rules you can configure.
Added functionality for caching.
While centralized security is a benefit of both forward and reverse proxies, reverse proxies provide this to the web server layer and not the client layer.
Instead of focusing on maintaining firewalls at the web server layer, which may contain multiple servers with different configurations, the majority of firewall security can be focused at the reverse proxy layer.
Additionally, removing the responsibility of interfacing with a firewall and interfacing with client requests away from web servers allows them to focus solely on serving resources.
In the case of multiple servers existing behind a reverse proxy, the reverse proxy also handles directing which requests go to which server. Multiple web servers might be serving the same resource, each serving different kinds of resources, or some combination of the two.
These servers can use the HTTP protocol as a conventional web server, but can also include application server protocols such as FastCGI. You can configure a reverse proxy to direct clients to specific servers depending on the resource requested, or to follow certain rules regarding traffic load.
Reverse proxies can also take advantage of their placement in front of web servers by offering caching functionality. Large static assets can be configured with caching rules to avoid hitting web servers on every request, with some solutions offering an option to serve static assets directly without touching the web server at all. Furthermore, the reverse proxy can handle compression of these assets.
The popular Nginx web server is also a popular reverse proxy solution. While the Apache web server also has reverse proxy feature, it is an additional feature for Apache whereas Nginx was originally built for and focuses on reverse proxy functionality.