A proxy server, in the world of computer networks, is a type of server (whether software or hardware), that performs intermediary roles for fulfilling the users’ requests for resources from various servers. A user connects to a proxy server when he/she requests for a resource such as a connection, file, or web page which is available from other servers. The proxy then fulfils the request based on its filtering rules.
Purposes of a Proxy Server
A proxy server has been built to fulfill many purposes. A few of them worth mentioning are:
- Security – For security purposes, a proxy server is designed to keep the machines –hardware or software – operating for it anonymous.
- Access Policy – A very useful purpose of proxy server is to access policies on a network or services that cannot be accessed for some reason. These mainly include blocked web pages.
- Bypass Security – A proxy service can by bypass the tough securities and also recheck the data for any malware before continuing on with the delivery.
- Circumvent Regional Restrictions – A proxy server can bypass or avoid any regional restrictions placed on web pages, files, images or music.
- Link to external resources – Using a proxy server, you can have access to external web resources that are hosted on different external servers.
- Audit Usage – A proxy server can serve the purpose of been a log or audit usage. This means that a proxy server can provide company-employee Internet usage reports.
- Data Leak Protection – Data leak protection is usually checked in outbound content through scanning.
Types of Proxy
There are three main types of proxy. These are:
- Forward Proxy – A forward proxy is one in which the user server names the target server to which it wants to connect. In other words, it answers request from an internal server and forwards it to the Internet. A forward proxy can retrieve data from a range of sources mostly the Internet. As the name suggests, forward proxy or sometimes called forwarding proxy is a generalized term for forwarding traffic to other servers.
- Open Proxy – This is a type of forward proxy server that forwards request to and from any server on the Internet. It is accessible by any Internet user from anywhere. According to an estimate, there are more than thousands of open proxy servers on the Internet. An open proxy can be anonymous i.e. users can use an anonymous open proxy to hide their IP addresses while using online services or browsing the Internet.
- Reverse proxy – A reverse proxy is an opposite of a forward proxy. It responds to requests made from the Internet and forwards it to the internal servers and networks. A reverse proxy server may appear like an ordinary server, but can handle more than one request at a time. A reverse proxy server is installed in the region of one or more web servers. All the requests forwarded from the Internet goes through a proxy server first and then to the web servers. A reverse proxy cannot be used for all web sites. Its functionality is limited to a certain set of websites.
Uses of Proxy
A proxy is very useful. Some of its uses are:
- Content Filtering – A web proxy server that provide content filtering enables the user to have administrative control over the website content that is relayed through the proxy server. It is used in non-commercial and commercial organizations to adhere to the acceptable Internet usage policy. In most cases, those with knowledge about the proxy can bypass it. User authentication often required to permit control over the web access. A proxy can also be used to provide detailed logs about the users’ Internet usage. Some common content filtering methods are DNS blacklists, URL blacklists, MIME filtering, URL regex filtering or content keyword filtering.
- Caching – A proxy can be used to perform like a caching server. As a caching server, the requests are accelerated by retrieving the required data or content from a previously accessed data set made by the same user. A caching server stores copies of frequently requested data which enables bandwidth reduction and costs.
- Bypassing filters and censorship – If destination servers have content filtering system in place, a proxy can be used to bypass this system. For instance, an IP-based on geolocation can restrict services to certain areas or country. It can be accessed by restricted areas using a proxy.
- Logging and eavesdropping – A proxy can be used to eavesdrop on the data flow between the web and user browser. All the content including cookies and passwords can be viewed by the eavesdrop proxy. As a result, it is always a good idea to exchange online service passwords using SSL or other cryptographically secured connection.
- Gateways to private networks – A proxy server can be used to perform a similar task like a network switch that links two or more networks together.
Implementation of proxies
Suffix Proxy – A suffix proxy enables a user to access the content of the website by attaching the name of the proxy server to the required content’s URL.
Transparent proxy – A transparent proxy also called a forced proxy or an intercepting proxy combines router or gateway to a proxy server. Connection between the browser and gateway is diverted to the proxy without knowledge of the user. A transparent proxy does not modify any request beyond the authentication and identification barrier.
Interception can be implemented using Cisco’s Web Cache Control Protocol. This is a protocol that exists on the gateway or router and is configured using the cache. It enables the cache to determine the amount of traffic and number of ports to use to send a request through a transparent proxy. This diversion can exist in two ways: MAC rewrites OSI Layer 2 or GRE Tunneling OSI Layer 3.
When the traffic reaches the proxy server, interception is performed with the help of Network Address Translation or NAT. Such an interception usually occurs without the user’s knowledge. Recently few BSD and Linux releases allow transparent proxy to hide the proxy IP address from other servers and networks.
Following are the proxy server platforms and providers:
- Apache Traffic Server
- Apache HTTP Server
- Microsoft Forefront Threat Management Gateway
- Pound reverse proxy
- Squid Cache
Access blocked websites
There are many ways to access any blocked website. Two most commonly used methods are an anonymizer and using a public proxy sever. You can even use you own proxy server, if you have one, to access restricted websites.
Access web via Anonymizer
An anonymizer is an anonymous proxy server that is capable of anonymizing browsing on the web. There are various types of anonymizers. One such server that acts as an anonymizer is a destination server. The server receives request from the anonymized proxy server preventing from accessing the user’s original IP address. In most organizations, login requirement is present to limit authorization to the web in this manner.
Certain anonymizing proxy servers can forward data with headers such as HTTP_VIA, HTTP_X_FORWARDED_FOR, or HTTP_FORWARDED. This can, after a certain point, reveal the location of the user. A high or elite anonymizing proxy server will have a header saying REMOTE_ADDR with the IP address of the server. This appears that the proxy server is the users’ functional server.
How to watch NetFlix, Hulu and BBC iplayer
If you are not residing in the United States and you try to access NetFlix and Hulu, the chances are that you will be denied access. Similarly, if you are not in United Kingdom and want to access BBC iPlayer, service may be denied. This is because all these websites have content filtering system which denies access to IP addresses outside the United States and the United Kingdom. Every area has its own IP address which lets the websites know where you are accessing it from.
So if you want to access these websites, you have to change your IP address. This can be done through a VPN. A VPN is a connection that does not require any external hardware. This connection is mostly used by businessmen to keep them connected to their office computers during travels. A VPN connection is very secure. Therefore, if you are sitting in Shanghai and want to access a file from your office computer in United States, a VPN can help.
This connection is used in bypassing IP addresses restrict access to websites such as NetFlix, Hulu and BBC iPlayer. This connection is not freely available. It comes with a cost that may be high but it will be worth it when you access restricted websites.
Web server proxies
A proxy that is limited to the traffic on the World Wide Web is known as web proxy. The most common purposed served by a web proxy is acting as a web cache. Many web proxies deny access to certain websites, thus enabling a feature of proxy – content filtering. A web server proxy is usually used in a corporate, library or educational system where restricted access is desired.