A reverse proxy is called “reverse” because it acts in the opposite way of a traditional (forward) proxy.
What a forward proxy does:
- A forward proxy sits in front of clients (users).
- It acts as an intermediary for client requests going out to the internet.
- For example, a company might use a forward proxy so their employees’ requests to websites go through it for caching, filtering, or anonymity.
- The client knows about and configures the forward proxy.
What a reverse proxy does:
- A reverse proxy sits in front of servers (websites or services).
- It acts as an intermediary for client requests coming into the server.
- Clients make requests to the reverse proxy as if it were the server; the reverse proxy forwards the requests to one or more backend servers.
- The backend servers may be hidden or protected by the reverse proxy.
- The client usually doesn’t know about the backend servers or the reverse proxy itself.
Why “reverse”?
- The forward proxy proxies on behalf of clients going outward to servers.
- The reverse proxy proxies on behalf of servers handling incoming client requests.
- So, it’s the “reverse” direction of proxying: inbound to servers instead of outbound from clients.
Typical uses of reverse proxies:
- Load balancing between multiple servers
- Caching content to improve performance
- SSL termination (decrypting HTTPS)
- Web application firewall / security
- Hiding or protecting origin servers
“Reverse” proxy means the proxy is on the server-side, proxying incoming requests for servers, reversing the usual client-side proxy role.
