Most prime difference between is Reverse Proxy senses connections from outside(Internet) to your application servers where Forward Proxies filter connections going out from application servers.
Reverse Proxies take origin connections from the internet and connect them to one server or a server farm, meaning multiple inbound connections from the internet are pooled into one or more connections to the servers - basically TCP Multiplexing.
Reverse proxies are good for a. SSL Offloading b. Delegation to server farm c. Compression d. Load Balancing e. caching f. Single Sign On
Forward Proxies are used to filter connections from visiting harmful sites. Best practice is when your application needs to talk to external system that only whitelist 1 IP for incoming connections rather from your server farm.
Examples - Reverse Proxy
<VirtualHost *:80>
ServerName codehealed.com
ServerAlias codehealed.com
Redirect / https://codehealed.com/
</VirtualHost>
<VirtualHost *:443>
ProxyTimeout 500
ProxyPreserveHost On
ProxyVia On
ServerName codehealed.com
ServerAlias codehealed.com
SSLEngine on
SSLCertificateFile /etc/pki/tls/private/jp.crt
SSLCertificateKeyFile /etc/pki/tls/private/jp.key
SSLCACertificateFile /etc/pki/tls/private/rootjp.cer
ErrorLog /var/log/httpd/ch-site-error_log
TransferLog /var/log/httpd/ch-site-access_log
ProxyPass / http://xxx.xxx.x.xx/
ProxyPassReverse / http://xxx.xxx.x.xx/
</VirtualHost>Examples - Reverse Proxy
<VirtualHost *:8080>
# Enable forward proxy
ProxyRequests On
# Add "Via" header
ProxyVia On
#ProxyRemote * http://...:8080 Uncomment to route requests through another proxy
<Proxy *>
Order deny,allow
Deny from all
# Allow access only from local network
Allow from 192.168.1
</Proxy>
# Enable caching proxy
CacheRoot "/tmp"
CacheMaxExpire 24
CacheLastModifiedFactor 0.1
CacheDefaultExpire 1
ServerName my-proxy
ErrorLog "/var/log/httpd/proxy-error.log"
CustomLog "/var/log/httpd/proxy-access.log" common
</VirtualHost>
Comments