#FridayHacks: What Is A Proxy Server And Should You Have One?

A proxy server is a server or application installed on a computer system to act as an intermediary for transferring requests from clients for the resources they are seeking on other servers.

Makes sense? No?

By Stanford Mazhindu

Think of it as sitting in a taxi at the back, when it’s time to pay, you pass your money to the person in front of you and so on until the money reaches the conductor. Then if you have change the money will travel through the people again until it reaches you at the back. The people between you and the conductor are the proxies. They are responsible for transferring your money (request) to the conductor (Other server) and when you receive your change back (Web page etc.) you get it from the person you handed it to (Proxy) and not the conductor. That in essence is how a proxy server works; it’s mainly responsible for passing on request/s from client machines to servers. But that is not all they do, there are many different types of proxy servers that operate in the same way but for different reasons and uses.

Types of Proxy servers:

1. Web proxy

Web Proxy
Web Proxy

These are commonly used as caching servers. When client requests a web page, the request will go through the proxy server; usually configured port 3128, then go to the website, download the website and store a copy of the website locally then send the requested web page back to the client. When the same client or someone else using the same proxy server asks for the same web page, the proxy server then checks the URL to what it has in its cache. If they match then the proxy server will send to the client the cache web page instead of going to the web server and downloading the same thing again.

2. Anonymous Proxy

This type of server identifies itself as a proxy server (High anonymity Proxies do not identify themselves), strips the original IP address of the client and replaces it with its own. When the page is returned to the client, all compromising scripts are removed so as to protect the identity of the client.
If we go back to the taxi scenario, let us put a black sheet between the conductor and the passengers. When the conductor receives the money, he has no idea who paid and where the money is coming from. All he has to do is check it and if there is change, return to the last person he received it from and that’s it. The payee is hidden behind the black sheet and the conductor cannot identify him/her.

Anonymous Proxy
Anonymous Proxy

The advantage is obviously anonymity, can surf the web safely without fear of being tracked down.

Disadvantages however are that it is slow and web pages are downsized, because it has to remove and additional software scripts that might compromise identity, most web pages returned are text based with no Plugins or Cookies and the process takes time there for it takes longer to get the web pages.

3. Forward proxy

Forward Proxy
Forward Proxy

So you are sitting at work, try to access Facebook or twitter or any social media websites then you realise you can’t. The administrator has blocked access to these websites.  To a lay man that’s the end of the story but what if you are clever?

If you are a clever person what you will do when you get home is setup your own proxy server configure it, gather all the details you need to connect to the proxy over the internet, at work you open up internet explorer, configure the browser to use a proxy server but not just any proxy server… your own proxy server. So what happens now is you access your proxy server and your proxy server goes out to the internet and gets the websites for you, the webpages you are accessing are from the proxy server and not from the website directly.

In a nutshell this is how forwarding proxy servers work:

Computer X = You

Computer Y = Proxy server

Computer Z = Website (Facebook or Twitter or Instagram etc.)

Usually it would be: Computer X à Computer Z but if the administrator has blocked access to Computer Z then a forwarding proxy server would be used to make the connection so it becomes:

Computer X -> Computer Y -> Computer Z

Assuming the connection to Computer Y has not been blocked as well.

 

4. Reverse Proxy

reverseproxyarchitecturediagram
Reverse Proxy Architecture

Reverse proxies work in the same way as forwarding except in one important aspect: the client has no idea they are going through a proxy. It does not require any configuration on the client side.

Let’s look at the 3 computers again from forwarding proxies

Computer X = You, Computer Y = Proxy Server, Computer Z = Website (Facebook or Twitter or Instagram etc.)

Usually it would be: Computer X à Computer Z

However with a reverse proxy it would be

Computer X -> Computer Y -> Computer Z

Were computer Y and Z are administered by the website owner. But why would you want to do this, to what end and what are the benefits?

Load balancing – proxy server can distribute requests across various servers (See how CDN works)

Increased security – clients never interact with the web servers directly, that reduces attack surface

One channel of traffic – this can be used for website statistics

Uses of proxy servers

Depending on the need there are a variety of configurations and use for proxies, majority are used for content filtering, security, traffic logging, eavesdropping and improving performance.  When correctly setup up, it can lead to reduced internet abuse which in turn can save a lot of money.

So should you have one? The answer depends on the number of people in the house who have access to the internet and how they use the internet. If more than 5 people are accessing the same sort of websites then the answer is yes. For SMEs to large global conglomerate the answer is yes.

They are various software to use, I personally prefer squid on Ubuntu, listed below are a few to try:

CC proxy server

WinGate

Nginx

 

 

 

 

 

 

 

 

 

 

 

Leave a Reply

%d bloggers like this: