Reverse Proxy

Definition

A reverse proxy is a server that sits in front of backend servers and routes client requests to one or more application servers. Unlike a forward proxy (which sits in front of clients), a reverse proxy sits in front of servers and acts as an intermediary for incoming requests.

Clients communicate with the reverse proxy as if it were the origin server; the reverse proxy then forwards the request to the appropriate backend server and returns the response.

Reverse Proxy vs Forward Proxy

Feature	Reverse Proxy	Forward Proxy
Sits in front of	Servers	Clients
Purpose	Protect/accelerate servers	Anonymize/monitor clients
Visibility	Clients don’t know backends	Servers don’t know clients
Use case	Load balancing, caching	Corporate internet filtering
Example	NGINX, Cloudflare	Squid, corporate proxy

Reverse Proxy Functions

Function	Description
Load balancing	Distribute traffic across multiple backends
SSL termination	Decrypt TLS, forward unencrypted to backends
Caching	Cache responses to reduce backend load
Compression	Compress responses before sending to clients
DDoS protection	Absorb and filter malicious traffic
Authentication	Handle auth before reaching backends
Rate limiting	Throttle requests per client
URL rewriting	Rewrite paths before forwarding
WAF	Web application firewall rules

Common Reverse Proxy Tools

Tool	Type	Notes
NGINX	Open-source	Most popular, high performance
Apache httpd	Open-source	Modular, .htaccess support
Traefik	Cloud-native	Kubernetes/Docker auto-discovery
HAProxy	Open-source	Dedicated load balancer + reverse proxy
Caddy	Open-source	Auto-HTTPS, Let’s Encrypt built-in
Envoy	Open-source	Cloud-native, service mesh sidecar
Cloudflare	Cloud	CDN + reverse proxy + WAF

Reverse Proxy Example (NGINX)

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/ssl/cert.pem;
    ssl_certificate_key /etc/ssl/key.pem;

    location / {
        proxy_pass http://backend_app:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Load Balancer — reverse proxy provides application-layer protection
Web Server — NGINX/Apache act as both web server and reverse proxy

References

Wikipedia: https://en.wikipedia.org/wiki/Reverse_proxy
NGINX reverse proxy docs: https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/
MDN Reverse Proxy: https://developer.mozilla.org/en-US/docs/Glossary/Reverse_proxy