Reverse Proxy
What is Reverse Proxy?
Reverse ProxyA server placed in front of one or more backend services that receives client requests on their behalf and forwards them inward.
A reverse proxy presents a single public endpoint and forwards incoming traffic to internal application servers chosen by routing rules. Beyond simply relaying requests, it terminates TLS, balances load across backends, caches responses, rewrites URLs, enforces authentication, and shields the origin servers from direct exposure. Many security controls — WAF rules, bot management, rate limiting, DDoS mitigation, HTTP/2 and HTTP/3 offload — are implemented at the reverse proxy because all traffic flows through it. Common implementations include NGINX, HAProxy, Envoy, Traefik, and CDN edges such as Cloudflare or Fastly.
● Examples
- 01
An NGINX reverse proxy terminating TLS for several microservices behind a single domain.
- 02
A CDN edge serving as a reverse proxy that filters malicious requests before they reach the origin.
● Frequently asked questions
What is Reverse Proxy?
A server placed in front of one or more backend services that receives client requests on their behalf and forwards them inward. It belongs to the Network Security category of cybersecurity.
What does Reverse Proxy mean?
A server placed in front of one or more backend services that receives client requests on their behalf and forwards them inward.
How do you defend against Reverse Proxy?
Defences for Reverse Proxy typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Reverse Proxy?
Common alternative names include: Inverse proxy, Edge proxy.