Reverse proxy

 Reverse proxy:

Reverse proxy is used for proxing backend servers where the IP address and protocol used by the backend server will not be exposed to internet. Reverse proxy handles the request for transport medium like HTTP or TCP serves the request on behalf of the actual server. Here is IP address and protocol will be masked hence we can have a public IP configured for reverse proxy exposed to internet and serves the request on behalf of the actual Web server having private IPs. Protocol conversion will also be supported for example client browser can transport the data using HTTP which will hit the proxy and it will inturn convert to RPC or any properiatery protocol which backend server accepts.
Uses of reverse proxy is huge it serves as the following layers before connecting to actual server.
Caching - Want to some of the data to be cached for example some webpages, js script or any frequently used data can be cached in Reverse proxy.
Authentication and authorization - It can be used to check the user name and password or any authentication mechanism used. It will check confirm the authenticity and permission of the user before accessing the backend server hence freeing up most of the workloads in backend server.
Data analysis - It can used to analyze the data for example if we need monitoring or need IDS or IPS or Firewall reverse proxy can terminate the connection analyze the data and create a new connection to backend if there is no malware. It can also just log the data for further asynchronous processing by monitoring and alerting systems like ePO or SIEM.
SSL termination - This is one of frequently used use case in networking products. It does SSL termination of the HTTPS connection hence offloading most of the decryption workloads for backend servers. Then it transmits only HTTP data to backend server. So all the TLS certificate, key generation, algorithms all the configurations are managed by proxy freeing by the backend servers.
Load balancing - Some of the reverse proxy supports loadbalancing like Ngnix which can distribute the load to multiple backend servers based on algorithms like least connection, least resource etc. It can also reroute the traffic to the users nearest geolocated backend servers. Reducing the latency.
Security - Since it maskes IP and protocol hacker can reach the servers directly preventing from any major attacks. Any DDOS attack or ping attacks or flood attacks can be mitigated at the reverse proxy leaving the backend servers serving useful traffic.

Comments

Post a Comment

Popular posts from this blog

Decorators in python - Part 1

Decorators in python is very useful in data hiding and performing pre and post operation using simple function object. Below is a example of decorator and how its working in python interpretor. def sample_decorator ( func ):     def wrapper ( val ):         print ( "calling a function for pre-processing" )         return_value = func ( val )         print ( "calling post-processing function" )         return return_value     return wrapper def sample_function ( val ):     print ( f "hai from sample function { val } " ) if __name__ == "__main__" :     sample_function = sample_decorator ( sample_function )     sample_function ( 10 ) In python everything is object so what we are doing above is adding a syntatical sugar using a decorator that replaces the sample_function object with newly created sample_function object. We have created sample_function ...
Read more

Class Decorator practical uses - Part 2

Last part we have seen about function decorator and how to use it to add extensions to existing functions. We have seen how decorator are useful, today we can see about how to use class based decorator which will provide extension functionalities to existing functions. How we can configure a class decorator during creation so that we can configure a decorator for our need. Lets get started with code. def func ( msg ):     print ( f "Hai programmer we got this message { msg } for you " ) if __name__ == "__main__" :     func ( "Hello Developer" ) Now for adding a class decorator we need to understand two things one is how the constructor is invoked for a class and how functors is used while invoking an object of a class. While creating a instance of the  class like below. class MyDecorator :     def __init__ ( self , func ): obj = MyDecorator ( func ) Now we created an instance passing function as a parameter object. Since function is a first clas...
Read more

Public key cryptogrphy - How certificate validation works using certificate chain

Application of certificate- Its widely used as a mean for identity, passing the asymmetric public key used for key exchange, also provides integrity of certificate. In case if the client or server in TLS or SSL handshake want to trust the client/server it will validate the certificate of server/client by verfying the certificate signature.  What is digitial certificate - When I want a server using HTTPS communication I need to purchase a SSL certificate for my domain. The reason is when a browser does ssl handshake it need to validate the authenticity of the website also need to make sure this authenticity is not tampered during the transit. For this problem we use certificate. Certificate contains mainly two parts like attributes and signature.  Attribute contains - Issuer, Subject name like google.com, public key algorithm, public key etc. Signature - This is crucial part of having integrity and authenticy of the certificate. For eg if I am getting an end entity ceritificate...
Read more