Webmasters Proxy
What is a “reverse proxy” in webmastering?
An HTTP proxy is a specific kind of server which will receive HTTP requests and forward them to another server.
The original uses of proxies included:
Enabling users on an internal network without full Internet access to browse the web: you would not have any direct TCP/IP connection to the whole Internet, only to internal servers, and one of these, the proxy, which had access to the rest of the Internet, would act as a gateway.
Performing access control: only some users are allowed to access “the web” (HTTP servers on the Internet), or users are allowed to access only some web servers (using either whitelists, where only listed servers can be accessed, or blacklists, where all servers except those listed can be accessed), or a combination of both.
Performing content control: this can include checking for “sensitive” material such as pornography or malware. It could also block videos, or downloads of executable files, archives, and so on.
Caching. This was very common back in the 90s to save bandwidth: the proxy would cache the results of requests, so subsequent users (or the same one) requesting the same URL would get the data from the local cache. This was useful when links to the Internet were slow and congested, though it requires many users to access the same resources to be worthwhile.
Censorship and sniffing of communications. By terminating the HTTP(S) connections at the proxy, data can be decrypted there before being re-encrypted on the other leg, which allows all sorts of legitimate and less legitimate things to happen.
A combination of the above, and probably a few more uses I have forgotten.
This type of proxy is still relatively common in enterprise networks, mostly for access and content control. It is also a common tool in countries where the regime wants to know what you do, read, or say.
In most cases, the proxy is configured (though usually automatically) in the browser. In some cases, a transparent proxy can be set up (though this is a lot more difficult with SSL/TLS).
With this type of proxy, the browser can request any URL (provided the proxy is willing, of course), and the communication is usually thought of as “internal to external”.
The other type of proxy, which came a tiny bit later, is the reverse proxy. In this case, we’re doing the opposite: people from all over the Internet will go through this proxy before reaching the final server.
This is useful for:
Load balancing / fault tolerance: one or more proxies will receive the traffic and then forward it to farms of servers based on availability, load, etc.
Separation of traffic: some web servers may be specialised. For instance, mixing on the same server both static files (CSS, JS, images, videos, etc.) and dynamic content (PHP, Java…) may be suboptimal. A reverse proxy may redirect traffic to different servers based on the request.
Hiding internal architecture details. You could have lots of different resources (pages) on the same domain, but served by lots of different servers with different technologies. One bit could be PHP, another Java. Even with the same tech, they could use very different stacks, access different databases, etc.
Caching. Frequently requested resources can be cached on the proxy.
SSL/TLS termination. To reduce the CPU requirements for TLS encryption/decryption on the server, the proxy could do that instead.
CDN: a CDN can be caching + load balancing + fault tolerance pushed to the extreme: you put proxies all over the world, and they serve files from the local cache (a lot quicker); if a file is not cached, they get the data from the origin server.
Security: the proxy could do all sorts of filtering on URLs and submitted data to block malicious requests.
And probably a lot more cases which I forgot about.
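To make the mechanism concrete, here is a minimal sketch of a reverse proxy in Python. The backend address is made up for illustration, only GET is handled, and error handling is omitted; real deployments use Nginx, HAProxy, or similar.

```python
# Minimal reverse-proxy sketch: every incoming request is re-issued
# against a single backend and the response is relayed to the client.
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.request import urlopen

BACKEND = "http://127.0.0.1:8080"  # hypothetical origin server

class ReverseProxy(BaseHTTPRequestHandler):
    def do_GET(self):
        # Fetch the same path from the backend, then relay status and body.
        with urlopen(BACKEND + self.path) as upstream:
            body = upstream.read()
            self.send_response(upstream.status)
            self.send_header("Content-Type",
                             upstream.headers.get("Content-Type", "text/plain"))
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)

if __name__ == "__main__":
    # Clients talk to port 8000; they never see the backend directly.
    HTTPServer(("", 8000), ReverseProxy).serve_forever()
```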
Note that the “original” proxies are now often called “forward proxies” to differentiate them from reverse proxies.
Note that many HTTP server apps, including Apache and Nginx, can actually do both HTTP serving and proxying, in one or both directions. You can have setups where the same server both serves local resources for some paths and proxies to another server for others, as in the sketch below.
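A sketch of that mixed setup, with a made-up /api/ prefix and backend address: static files are served from the local directory, while dynamic requests are proxied to an application server.

```python
# Mixed serving-and-proxying sketch: local static files plus a proxied
# application path, in the spirit of path-based routing rules.
from http.server import SimpleHTTPRequestHandler, HTTPServer
from urllib.request import urlopen

API_BACKEND = "http://127.0.0.1:8080"  # hypothetical application server

class MixedHandler(SimpleHTTPRequestHandler):
    def do_GET(self):
        if self.path.startswith("/api/"):
            # Dynamic content: forward the request to the backend.
            with urlopen(API_BACKEND + self.path) as upstream:
                body = upstream.read()
                self.send_response(upstream.status)
                self.send_header("Content-Length", str(len(body)))
                self.end_headers()
                self.wfile.write(body)
        else:
            # Static content: serve straight from the local directory.
            super().do_GET()

if __name__ == "__main__":
    HTTPServer(("", 8000), MixedHandler).serve_forever()
```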
Webmasters' guide to HTTP load balancers and front end proxies
Load balancers are generally used to distribute and balance client traffic between servers. The options range from the very basic functionality of a proxy (as a front end or reverse proxy) to the more sophisticated application-level or smart load balancing provided by a modern load balancer or Application Delivery Controller (ADC).
In this in-depth look at the options available to webmasters, we will consider the full range of functionality available:
Front end proxy (basic)
Reverse proxy
Load balancer
Application request routing
Layer 2-4 load balancing
Layer 7 load balancing
Load balancing algorithms
ADC
There are a number of products and solutions available to users:
Kemp Free LoadMaster
Apache RR
HAProxy
NGINX
Windows NLB (now defunct)
Microsoft IIS ARR (Application Request Routing)
The main architectural considerations for the server administrator are:
Security
Performance
High Availability
Routing Architecture (algorithms)
Sharing workload between servers
Avoiding Server Dependencies
With IIS, Apache (mod_proxy) and Windows NLB, the load balancing and application routing are hosted on the actual application servers. Placing the load balancing function on the application servers is not a good idea: not only does it impact server performance, it also does not provide the resilience necessary for transparent application failover in the event of a server failure. Ensuring that resilience would require deploying some type of high-availability service on the application server, which would consume additional server resources.
With NGINX, Apache (mod_proxy) and ARR on IIS, processing is handled locally on the application server and must be configured and maintained on each of these servers. The options for traffic distribution are limited and often amount to round robin load balancing only. With no ability to perform out-of-band health checks, host-based load balancers can't intelligently and independently route traffic during an application or server problem, during periods of high demand, during an attack (for example, a DDoS), or when the server has become unresponsive.
Server independence moves heavier, repetitive tasks to a separate server, for example a hardware load balancer or a virtualised machine, which offers a single point of management and may be optimized to deliver much higher capacity. As application servers become busy, a dedicated load balancer with health checking can assess the capacity of servers and distribute traffic to the most capable ones. Health checking also provides failover capability, as the load balancer steers traffic away from problem servers, as in the sketch below.
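A minimal sketch of out-of-band health checking; the server addresses, probe path, and interval are assumptions for illustration.

```python
# Health-check sketch: probe each backend on a timer, and only hand
# traffic to servers that answered their last probe.
import itertools
import threading
import urllib.request

SERVERS = ["http://10.0.0.1:8080", "http://10.0.0.2:8080"]  # invented
HEALTH_PATH = "/healthz"  # hypothetical health endpoint
INTERVAL = 5  # seconds between probe rounds

healthy = set(SERVERS)

def probe():
    for server in SERVERS:
        try:
            with urllib.request.urlopen(server + HEALTH_PATH, timeout=2) as r:
                ok = (r.status == 200)
        except OSError:  # covers timeouts, refused connections, HTTP errors
            ok = False
        if ok:
            healthy.add(server)
        else:
            healthy.discard(server)
    threading.Timer(INTERVAL, probe).start()  # schedule the next round

def pick_server(_pool=itertools.cycle(SERVERS)):
    # Round-robin over the pool, skipping servers that failed their probe.
    for _ in range(len(SERVERS)):
        server = next(_pool)
        if server in healthy:
            return server
    raise RuntimeError("no healthy backends")
```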
Layer 7 and HTTP Acceleration
An ADC load balancer is made up of a suite of software tools working in concert. They can be deployed as dedicated devices with the software preinstalled, onto existing server hardware, or as a virtual server on VMware vSphere, Microsoft Hyper-V, Amazon Web Services, Microsoft Azure, or other cloud services. Think of the ADC load balancer as a complex system of network optimisation tools that include:
A web server component
A number of traffic and routing optimisation algorithms
Image caching (reducing web server load)
Content caching
Compression
Content Switching and Rewriting
SSL Encryption/Decryption (further reducing server load)
Single Sign On (preventing users from having to log in again when switched between servers)
GEO and DNS failover
Cookie Persistence
Some solutions require the integration of multiple components to deliver a fully featured solution for application layer 7 and HTTP acceleration. Not only is this time consuming, it can also be risky, as flaws introduced during integration can lead to instability and leave services vulnerable. Using a fully integrated solution removes the pain of integration, and using a tried and tested one removes risk.
Load Balancing Algorithms
Not all applications have the same properties when deployed across multiple servers, and load balancers need to support a wide range of load balancing algorithms to accommodate these varying application requirements.
Round Robin
This method tells the LoadMaster to direct requests to Real Servers in a round robin order.
Weighted round robin
This method allows each server to be assigned a weight to adjust the round robin order, e.g. “Server 1” can get twice the requests that “Server 2” gets.
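A toy sketch of both orders; server names and weights are invented, and production balancers usually interleave weighted traffic more smoothly than this simple expansion does.

```python
# Round robin cycles through the servers in a fixed order; weighted
# round robin repeats higher-weighted servers more often in the cycle.
import itertools

servers = ["server1", "server2", "server3"]
round_robin = itertools.cycle(servers)

weights = {"server1": 2, "server2": 1}  # server1 gets twice the requests
weighted_round_robin = itertools.cycle(
    [s for s, w in weights.items() for _ in range(w)]
)

print([next(round_robin) for _ in range(6)])
# ['server1', 'server2', 'server3', 'server1', 'server2', 'server3']
print([next(weighted_round_robin) for _ in range(6)])
# ['server1', 'server1', 'server2', 'server1', 'server1', 'server2']
```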
Least connection
This method tells the LoadMaster to look at the connections going to each server and send the next connection to the server with the fewest connections.
Weighted least connection
This method allows each server to be assigned a weight to adjust the least connection order, e.g. “Server 1” can carry twice the connections that “Server 2” carries.
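A sketch of both variants, assuming the balancer tracks an active-connection count per server; the counts and weights here are invented.

```python
# Least connection picks the server with the fewest active connections;
# the weighted variant divides the count by the server's weight first.
active = {"server1": 12, "server2": 5, "server3": 9}
weights = {"server1": 2, "server2": 1, "server3": 1}

def least_connection():
    return min(active, key=active.get)

def weighted_least_connection():
    # A higher weight lets a server carry proportionally more connections.
    return min(active, key=lambda s: active[s] / weights[s])

print(least_connection())           # server2 (5 active connections)
print(weighted_least_connection())  # server2: 5/1 beats server1's 12/2 = 6
```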
Agent-Based Adaptive Balancing
This method is resource-based load balancing: an agent is installed on each server and monitors the server's resources (e.g. RAM, CPU…), then reports a percentage back to the LoadMaster, which uses it for load balancing.
Fixed weighting
This method is used for redundancy rather than load balancing: all connections go to the server with the highest weight, and in the event this server fails, the server with the next highest weight takes over.
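A sketch of that failover behaviour, with invented weights:

```python
# Fixed weighting: all traffic goes to the highest-weighted server that
# is still healthy, so lower-weighted servers act as standbys.
weights = {"primary": 100, "standby1": 50, "standby2": 10}

def fixed_weighting(healthy):
    return max(healthy, key=weights.get)

print(fixed_weighting({"primary", "standby1", "standby2"}))  # primary
print(fixed_weighting({"standby1", "standby2"}))             # standby1
```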
Weighted response time
This method looks at the response times of the Real Servers (based on the response time of the server health check), and whichever Real Server is responding fastest gets the next request.
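A sketch, assuming the balancer records the latest health-check latency per server; the values are invented.

```python
# Weighted response time: the next request goes to whichever server
# answered its most recent health check fastest.
last_check_ms = {"server1": 42.0, "server2": 18.5, "server3": 77.1}

def weighted_response_time():
    return min(last_check_ms, key=last_check_ms.get)

print(weighted_response_time())  # server2, the fastest health check
```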
Source IP hash
This method looks at the source IP address that sent the request to the LoadMaster and creates a hash value for it; the hash determines which Real Server receives the request, so different hash values go to different Real Servers, and requests from the same source IP keep reaching the same server.
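A sketch of the idea, with invented addresses. Real balancers may use a different hash function, but the property is the same: one client IP always maps to the same server.

```python
# Source IP hash: the client address alone determines the target server,
# which gives a simple form of session persistence.
import hashlib

servers = ["server1", "server2", "server3"]

def source_ip_hash(client_ip):
    digest = hashlib.sha256(client_ip.encode()).digest()
    return servers[int.from_bytes(digest[:4], "big") % len(servers)]

print(source_ip_hash("203.0.113.7"))    # always the same server for this IP
print(source_ip_hash("198.51.100.42"))  # possibly a different server
```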
Application Delivery, Performance and Scalability matrix
Platforms compared:
Kemp Free LoadMaster
NGINX (Open Source)
Apache (mod_proxy)
IIS with ARR
Varnish
Features compared:
Caching
Advanced HTTP Load Balancing
SSL Offload
Server Health Check
Integrated Security: Web Application Firewall, IPS, IDS, Custom SSO Forms
Implementation and Solution Delivery: Integrated Virtual Appliance, Live Activity Monitoring, Java API, Full RESTful API, Global Server Load Balancing