A proxy server is a computer that sits between a client and a server to intercept requests. There are several uses of a proxy server, but the most common is to speed network traffic by caching pages or files that are requested often. By doing so, the server can deliver the request quickly, only polling the server when required. In this way, it not only speeds up network traffic, but also relieves server load. Major Internet hubs and Internet Service Providers (ISPs) employ dozens of proxy servers.
Filtering or censorship is another use for a proxy server. A company that provides Internet connectivity to its employees might configure such a server to block requests for certain websites. It can also filter content based on configurable criteria to help enforce acceptable use policies.
If a proxy server does not require a Web browser to be configured to use the proxy, it’s called a transparent proxy. Otherwise, the Web browser must point to the proxy in order to use it. Companies favor the former, as employees cannot bypass it by reconfiguring their Web browsers. These types of servers are also commonly used as firewalls. They can scan for malware, viruses, and other threats, safeguarding the main server and network.
Secure Sockets Layer (SSL) servers used to create Virtual Private Networks (VPNs) sometimes use https proxies. These proxies speed traffic over secure channels and check for viruses in tunneled communications. The https proxy server can encrypt, decrypt, and cache encrypted data. Regular proxy servers cannot cache encrypted data for security reasons, and therefore serve no purpose in a VPN. There are differences of opinion as to whether https proxies create potential security risks.
Yet another use for a proxy server is to provide anonymous Web surfing. Many services provide proxies for the public to use to protect their online anonymity. The customer’s requests go to the website’s proxy server, which strips the customer’s Internet protocol (IP) address and sends them on their way. The information gets routed back to the proxy, which then forwards the pages to the customer’s browser. As far as the Internet is concerned, the only IP address on the remote server is the proxy’s IP address. Only the proxy knows the customer’s IP address. Companies that run anonymous proxy servers generally claim to wipe server logs often to protect customer privacy.
Another model includes a network of volunteer proxy servers. This model uses encryption to obfuscate the original IP address and ultimate route a request takes. As the request makes its way through the Internet from one proxy server to the next, each server in the middle can only read the adjacent steps in the chain. Contents, origin, and ultimate destination are all unavailable.
The final server decrypts the contents and delivers the request to the server without a plain text record of where the request originated. The page or file then returns the same way, through a series of encrypted steps. This system thwarts traffic analysis and protects privacy while protecting the proxy servers themselves.