Server proksi (bahasa Inggris: proxy server) adalah sebuah server(sistem komputer atau aplikasi) yang bertindak sebagai perantara permintaan dari klien mencari sumber daya dari server lain. Klien A terhubung ke peladen perantara, meminta beberapa servis, seperti berkas, koneksi, halaman web, atau sumber daya lainnya, yang tersedia dari peladen yang berbeda. Server perantara mengevaluasi permintaan menurut aturan penyaringan. Sebagai contoh, mungkin tapis lalu lintas oleh [alamat [IP]] atau protokol. Jika permintaan divalidasi oleh tapis, perantara menyediakan sumber daya dengan menghubungkan ke peladen yang relevan dan meminta layanan atas nama klien. Sebuah peladen perantara secara opsional dapat mengubah permohonan klien atau menanggapi di server, dan kadang-kadang mungkin melayani permintaan tanpa menghubungi peladen yang ditetapkan. Dalam hal ini, tanggapan yang tembolok dari remote peladen, dan selanjutnya kembali permintaan konten yang sama secara langsung.
kebanyakan proxy merupakan web proxy, yang mengizinkan penggunanya untuk mengakses konten di internet. server proxy memiliki banyak jenis sesuai dengan tujuanya, termasuk:
- Untuk menjaga mesin di balik anonim (terutama untuk security).[1]
- meningkatkan akses ke sumber (menggunakan caching). Web proxy biasanya digunakan untuk cache halaman internet dari server web.[2]
- mnerapkan aturan akses terhadap internet atau isinya, e.g. to block undesired sites.
- Untuk penggunaan log / audit, yaitu untuk menyediakan karyawan perusahaan pelaporan penggunaan Internet.
- Untuk melewati kontrol keamanan/ parental.
- memindai perpindahan konten bila terdapat malware sebelumya.
- Untuk memindai konten outbound, misalnya untuk perlindungan data dari kebocoran.
- Untuk menghindari pembatasan regional.
Sebuah server wakil yang melewati permintaan dan balasan yang belum diubah biasanya disebut gateway atau kadang disebut tunneling proxy.Sebuah server wakil dapat ditempatkan di komputer lokal pengguna atau pada berbagai titik antara pengguna dan server tujuan di Internet.A reverse proxy adalah (biasanya) Internet-menghadap proxy yang digunakan sebagai front-end untuk mengontrol dan melindungi akses ke server di jaringan pribadi, umumnya juga melakukan tugas-tugas seperti load-balancing, dekripsi otentikasi, atau caching.Tipe proksi
Forward proxies
Forward proxies are proxies where the client server names the target server to connect to.[3] Forward proxies are able to retrieve from a wide range of sources (in most cases anywhere on the Internet).The terms "forward proxy" and "forwarding proxy" are a general description of behaviour (forwarding traffic) and thus ambiguous. Except for Reverse proxy, the types of proxies described on this article are more specialized sub-types of the general forward proxy concept.Open proxies
An open proxy is a forward proxy server that is accessible by any Internet user. Gordon Lyon estimates there are "hundreds of thousands" of open proxies on the Internet.[4] Ananonymous open proxy allows users to conceal their IP address while browsing the Web or using other Internet services.Reverse proxies
A reverse proxy is a proxy server that appears to clients to be an ordinary server. Requests are forwarded to one or more origin servers which handle the request. The response is returned as if it came directly from the proxy server.[3]Reverse proxies are installed in the neighborhood of one or more web servers. All traffic coming from the Internet and with a destination of one of the web servers goes through the proxy server. The use of "reverse" originates in its counterpart "forward proxy" since the reverse proxy sits closer to the web server and serves only a restricted set of websites.There are several reasons for installing reverse proxy servers:- Encryption / SSL acceleration: when secure web sites are created, the SSL encryption is often not done by the web server itself, but by a reverse proxy that is equipped with SSL acceleration hardware. See Secure Sockets Layer. Furthermore, a host can provide a single "SSL proxy" to provide SSL encryption for an arbitrary number of hosts; removing the need for a separate SSL Server Certificate for each host, with the downside that all hosts behind the SSL proxy have to share a common DNS name or IP address for SSL connections. This problem can partly be overcome by using the SubjectAltNamefeature of X.509 certificates.
- Load balancing: the reverse proxy can distribute the load to several web servers, each web server serving its own application area. In such a case, the reverse proxy may need to rewrite the URLs in each web page (translation from externally known URLs to the internal locations).
- Serve/cache static content: A reverse proxy can offload the web servers by caching static content like pictures and other static graphical content.
- Compression: the proxy server can optimize and compress the content to speed up the load time.
- Spoon feeding: reduces resource usage caused by slow clients on the web servers by caching the content the web server sent and slowly "spoon feeding" it to the client. This especially benefits dynamically generated pages.
- Security: the proxy server is an additional layer of defense and can protect against some OS and WebServer specific attacks. However, it does not provide any protection to attacks against the web application or service itself, which is generally considered the larger threat.
- Extranet Publishing: a reverse proxy server facing the Internet can be used to communicate to a firewalled server internal to an organization, providing extranet access to some functions while keeping the servers behind the firewalls. If used in this way, security measures should be considered to protect the rest of your infrastructure in case this server is compromised, as its web application is exposed to attack from the Internet.
Uses of proxy servers
A content-filtering web proxy server provides administrative control over the content that may be relayed through the proxy. It is commonly used in both commercial and non-commercial organizations (especially schools) to ensure that Internet usage conforms to acceptable use policy. In some cases users can circumvent the proxy, since there are services designed to proxy information from a filtered website through a non filtered site to allow it through the user's proxy.A content filtering proxy will often support user authentication, to control web access. It also usually produces logs, either to give detailed information about the URLs accessed by specific users, or to monitor bandwidth usage statistics. It may also communicate to daemon-based and/or ICAP-based antivirus software to provide security against virus and other malware by scanning incoming content in real time before it enters the network.Many work places, schools, and colleges restrict the web sites and online services that are made available in their buildings. This is done either with a specialized proxy, called a content filter (both commercial and free products are available), or by using a cache-extension protocol such as ICAP, that allows plug-in extensions to an open caching architecture.Some common methods used for content filtering include: URL or DNS blacklists, URL regex filtering, MIME filtering, or content keyword filtering. Some products have been known to employ content analysis techniques to look for traits commonly used by certain types of content providers.for more information visit this web