How to significantly improve your application security with proxy server?

SUNDAY, FEBRUARY 02, 2020 12:50 PM    

Recently at work, I had been exposed to this terminology called Reverse Proxy & Proxy Server. As I dug deeper to make sense of the role and responsibilities of this piece of technology, I thought to share my learnings with you all. After all, this is a platform for active learning! Hope you have a better understanding of this topic through this post. If you wish to delve deeper into this topic on Proxy Servers, I’ve added in a youtube video i find useful to better explain the concept of proxy and reverse proxy to you.

As a software engineer exposed to DevOps and a System Administrator’s scope of work, you will probably hear at least one of the networking terms listed below:

  • OSI layers
  • Forward Proxy Server
  • Reverse Proxy Server
  • IP tables
  • CDNs
  • ModSecurity
  • Load-balancer, etc.

As an attempt to overcome the unknown, in today’s post, we will be addressing what are proxies. I will also attempt to explain the difference between Forward proxy and Reverse proxy. This post seeks to achieve 2 simple objectives:

  1. What is a proxy server?
  2. When do you consider using a proxy server?

What is a proxy server?

Firstly, before we delve into the term itself, what does proxy even mean?

Proxy by definition:

a figure that can be used to represent the value of something in a calculation

Therefore, based on Varonis, A proxy server acts as a gateway between you and the internet. It presents the client (such as a browser) to pass a request to the internet or to someone else. Often when we talk about proxy server, the forward proxy server is implied.

In laymen terms, it serves like a middleman. Below’s a simple diagram to show the flow of information:

Forward proxy

Source: Varonis

Often times, this forward proxy server will also be sitting in your network, regulating traffic before your request leaves your network.

When will we use this?

  • Would you like to block employees from visiting certain websites?
  • Do you wish to monitor employee online activity
  • Do you have malicious traffic you wish to block against?
  • Do you wish to improve the page load speed? It can be used to improve the user experience by caching external site content

In the context of a larger organization, if you answer “yes” from any of the questions above, perhaps you can consider a forward proxy server! This will perhaps be an overkill if you are to implement such a network for a single user usecase.

Although if you are interested to find out how to set this up in the name of learning, WHY NOT?

Here’s a link for you: How to set up a Reverse Proxy Server

Do you have a better understanding of what is a forward proxy? If you have further questions, feel free to leave a comment below. Remember this space serves as a platform for communial learning! (:

Part II: What is a Reverse proxy server?

A reverse proxy server serves as an intermediate connection point positioned at your network’s edge. In short, it is the receptionist of your network. Any request for your servers will first have to connect and ‘talk’ to your reverse proxy server (receptionist). A reverse proxy directs traffic based on which server you like to speak to.

In a technical explanation, a reverse proxy can perform Transport Layer Security (TLS) termination.

3 main steps typically performed by a Reverse Proxy Server

  1. Receives a user’s connection request
  2. Completes a TCP three-way handshake (Yes we will get to this topic soon enough), terminate the initial connection.
  3. Connects with origin server and forward the request to destination server.

Reverse proxy server

Source: Varonis

When will we use reverse proxy servers?

  • Do you want to improve your page load time and thereupon improve your user’s experience?
  • Do you want to secure your servers from Distributed Denial of Service (DDoS attack)?
  • Do you want to secure your server in general against Web application attacks? A Web Application Firewall (WAF) is usually implemented here.
  • Do you like to load balance your service? This will improve overall user experience and help ensure high availability of service! (If unsure, just implement this. It’s good stuff)


There you have it! A proxy server typically seeks to be the middle man for a cluster of services (and their respective servers). As a middle man, it helps:

  1. Safeguard your services against numerous malicious attacks,
  2. Enforces management polices,
  3. Improve load time through caching,
  4. Ensure high availability through load balancing.

This list is definitely not exhaustive. Hope it will spark some interest in your learning today. Cheers!