Forward Proxy
1. A forward proxy is the most common form of a proxy server and is generally used to pass requests from an isolated, private network to the Internet through a firewall. Using a forward proxy, requests from an isolated network, or intranet, can be rejected or allowed to pass through a firewall. Requests may also be fulfilled by serving from cache rather than passing through the Internet. This allows a level of network security and lessens network traffic.
2. An ordinary forward proxy is an intermediate server that sits between the client and the origin server. In order to get content from the origin server, the client sends a request to the proxy naming the origin server as the target and the proxy then requests the content from the origin server and returns it to the client. The client must be specially configured to use the forward proxy to access other sites.
3. The forward proxy is activated using the ProxyRequests directive. Because forward proxies allow clients to access arbitrary sites through your server and to hide their true origin, it is essential that you secure your server so that only authorized clients can access the proxy before activating a forward proxy.
The above image shows a forward proxy configuration. An intranet client initiates a request that is valid but is not cached on Server A (Proxy Server). The request is sent through the firewall to the Internet server, Server B (App Server), which has the information the client is requesting. The information is sent back through the firewall where it is cached on Server A and served to the client. Future requests for the same information will be fulfilled by the cache, lessening network traffic (proxy caching is optional and not necessary for forward proxy to function on your HTTP Server).
The above image shows a forward proxy configuration. An intranet client initiates a request that is valid but is not cached on Server A (Proxy Server). The request is sent through the firewall to the Internet server, Server B (App Server), which has the information the client is requesting. The information is sent back through the firewall where it is cached on Server A and served to the client. Future requests for the same information will be fulfilled by the cache, lessening network traffic (proxy caching is optional and not necessary for forward proxy to function on your HTTP Server).
FORWARD PROXIES ARE GOOD FOR:
· Content Filtering
· email security
· NAT’ing
· Compliance Reporting
Configuring FORWARD PROXIES:
ProxyRequests OnProxyVia On<Proxy *>Order deny, allow
Deny from all
Allow from internal.example.com
</Proxy>You can control who can access your proxy via the normal <Directory> control block using the following example:
<Directory proxy:*>
Order deny,allow
Deny from all
Allow from internal.example.com
</Directory>
You can control who can access your proxy via the <Proxy> control block as in the following example:
Order deny,allow
Deny from all
Allow from internal.example.com
</Directory>
You can control who can access your proxy via the <Proxy> control block as in the following example:
<Proxy *>Order Deny, allow
Deny from all
Allow from 192.168.0
</Proxy>
No comments:
Post a Comment