How does a proxy server work?
Typically, when you type in a URL or website name while browsing (e.g., Google.com), your Internet Service Provider (ISP) makes the request and connects your device to the destination server or web site. It will reveal your IP address to the site you’re connecting to and identifies where you are in the World, sometimes even down to the street level.
When a proxy server is used, an Internet request first goes from the computer to the proxy server, and then to the website. The proxy, however, uses a different IP address and hides your real IP address.
The diagram below shows how a web proxy operates and how it hides your IP address:
- Let’s suppose that your visible IP address is 188.8.131.52. You open a web browser, enter the website address www.website.com, and hit Enter. The web browser tries to access www.website.com. But, as you are using a proxy server, the request will be sent to the proxy server first, not to the www.website.com web server directly.
- The IP address of the proxy server is 184.108.40.206. The proxy server receives the request from your device or computer for www.website.com. It then sends the same request to the www.website.com web server but uses its IP address of 220.127.116.11, not your visible IP address (18.104.22.168).
- The destination website (www.website.com) is hosted on a web server. It receives the request from the proxy server and logs its IP address of 22.214.171.124. It then sends the web page back to the proxy server.
- Finally, the proxy server sends the web page back to your device, completing the entire transfer request.
What is the use of a proxy server? Proxy server benefits.
Using a proxy server has many advantages:
Improved Speed and Bandwidth Savings
Companies may use proxy servers to save bandwidth and improving performance as a proxy can be used to cache web pages and files from the Internet, compress traffic and even remove ads from websites before they reach the user’s computer. It can result in a massive saving in bandwidth, especially when significant numbers of employees access the same favorite sites.
A proxy server can store any web page that is accessed and when it is requested again, forward the local copy without having to download the page again, providing the content has not changed. It saves bandwidth and loads the page faster for the next user requesting the same resource.
Control Usage of the Internet – Monitoring and filtering
The main reasons companies use proxies is to implement content filtering (web filtering) and control what employees access from the Internet. Companies can, for example, ban specific websites, preventing employee access to them during office hours. Popular social networks including Facebook (learn how to unblock Facebook) and Twitter, adult websites and websites like 9gag.com that waste time is typically blocked on corporate networks.
Improved Internet Security
Proxy servers can also be used to enhance the security of business networks. They can provide encryption services and block access to malicious malware distributing websites.
When you connect to the Internet directly, the server where a website is hosted can access your real IP address and use it to determine your location. Browsers also send user agent information. Thus, the site can determine which browser is being used and the further personal information is provided by cookies that are stored on a computer.
When configured to do so, proxy servers hide the IP address, send different user agent data and either accept cookies but not send them to the device or PC, or block them altogether. Hiding your IP address makes browsing more anonymous than when connecting directly to the Internet. Also, a proxy allows accessing services anonymously.
Access to Blocked Websites
Countries like China and Iran block access to many websites and services on the Internet and proxy servers can be used to bypass this censorship.
When a service is only available in specific countries, a proxy server can be used to bypass filters and access this service from a different state.
back to menu ↑
Proxy server types
There are numerous types of proxy servers. Four common types of proxy are described below:
A reverse proxy server passes requests from the Internet to isolated, private networks through a firewall. They prevent Internet clients from having uncontrolled access to sensitive data stored on content servers. A reverse proxy can also be used to reduce computer network traffic by serving cached information instead of sending all requests to actual servers.
Anonymous proxy servers are used to conceal information. The IP address of the proxy is sent to websites instead of that of the computer that is being used to browse. Where a high level of security is required, communication between the proxy server and the client computer is encrypted.
A transparent proxy server is a forward proxy that passes a request to the resource required without concealing any information. The proxy server is used only to provide access to the resource for multiple computers within a network.
High Anonymity Proxy
A high anonymity proxy server does not appear as a proxy server and does not reveal the original IP address. These proxy servers make it seem as if the proxy is the client by only including the REMOTE_ADDR header with the IP address of the proxy server.
Anonymous proxies, transparent proxies, and high anonymity proxies are forward proxies as they basically forward the web requests to and from the destination servers.back to menu ↑
Proxy server implementations
Depending on their type and their expected behavior, proxies can be implemented in several ways.
Web proxy servers
A web proxy server forwards HTTP requests. Although the request from clients is the same as a regular HTTP request, the full URL is passed and not just the path.
Some web proxies allow forwarding of arbitrary data through the connection by using the HTTP CONNECT method.
SOCKS (Socket Secure) is an Internet protocol that exchanges network packets through a proxy server. A SOCKS proxy is similar to HTTP CONNECT and forwards arbitrary data after the connection phase. However, SOCKS operates at a lower level than an HTTP proxy. You may find more technical details regarding SOCKS proxies here.
A transparent proxy is also known as a forced proxy, inline proxy, or intercepting proxy. It intercepts regular communication at the network layer without any client configuration. An intercepting proxy often performs some of the functions of a router or gateway.
Transparent proxies are often used to enforce usage policies, and to reduce administrative overheads.
Intercepting proxies are also often used to improve response times by caching and saving upstream bandwidth.
A CGI web proxy accepts a target URL by using a Web form, processes the request, and returns the results. It can, therefore, be used on devices or networks that don’t allow “true” proxy settings to be changed.
Suffix proxies allow users to access web content by appending the name of the proxy server to the URL of the requested content. Although a suffix proxy server is easier to use than a regular proxy server, they don’t offer high levels of anonymity.
Tor onion proxy software
The Onion Router (Tor) is intended to provide online anonymity. Internet traffic for Tor clients is routed through a global proxy network of volunteer servers to conceal user’s usage or location.
Tor client software is free, with no extra charges for network usage.
I2P anonymous proxy
The I2P anonymous network aims for online anonymity using an enhanced Tor’s onion routing called garlic routing. The proxy is distributed and encrypts communications in different layers, relaying it through a router network operated by volunteers globally.
I2P supports many protocols including HTTP, IRC, and SOCKS.
I2P software is free, with no additional charges for network usage.
DNS proxy servers forward DNS queries to an Internet Domain Name Server. It may also cache DNS records.back to menu ↑
Proxy server security
Proxy servers can pose problems including:
- Proxies can change the requests made to a website or service, and this can generate unintended results.
- When unencrypted Internet connections are used, a proxy can change the responses received, both in bad and good ways. A malicious or infected proxy can, for example, be used to load malware into a browser or redirect the request to a phishing website.
- Depending on its configuration, proxy servers can make unencrypted data available where the website sent encrypted data. It could result in exposure to network sniffing.
- As a proxy server may monitor and log activities, this information could be used for identification at a later date. Thus, open proxies are not recommended for those interested in privacy and anonymity.
Proxy servers have many benefits, but they can cause problems, depending on their configuration, by whom they are administered and how they are secured.
Before using proxy servers, understand why they are used, who it is controlled by and whether the administrator can be trusted. Be cautious when using public proxies as some of these could be used for malevolent purposes and cause problems, rather than providing benefits.