Proxy server

This serves as a method to simplify or control the complexity of the request, or provide additional benefits such as load balancing, privacy, or security.

In 2008, network security expert Gordon Lyon estimated that "hundreds of thousands" of open proxies are operated on the Internet.

It is commonly used in both commercial and non-commercial organizations (especially schools) to ensure that Internet usage conforms to acceptable use policy.

Content filtering proxy servers will often support user authentication to control web access.

It also usually produces logs, either to give detailed information about the URLs accessed by specific users or to monitor bandwidth usage statistics.

It may also communicate to daemon-based or ICAP-based antivirus software to provide security against viruses and other malware by scanning incoming content in real-time before it enters the network.

This is done either with a specialized proxy, called a content filter (both commercial and free products are available), or by using a cache-extension protocol such as ICAP, that allows plug-in extensions to an open caching architecture.

Blacklists are often provided and maintained by web-filtering companies, often grouped into categories (pornography, gambling, shopping, social networks, etc.).

In a workplace setting where the client is managed by the organization, devices may be configured to trust a root certificate whose private key is known to the proxy.

[9]: 3 Web proxies are the most common means of bypassing government censorship, although no more than 3% of Internet users use any circumvention tools.

For this reason, passwords to online services (such as webmail and banking) should always be exchanged over a cryptographically secured connection, such as SSL.

By chaining the proxies which do not reveal data about the original requester, it is possible to obfuscate activities from the eyes of the user's destination.

If the policies and administrators of these other proxies are unknown, the user may fall victim to a false sense of security just because those details are out of sight and mind.

PEPs can make more efficient use of the network, for example, by merging TCP ACKs (acknowledgements) or compressing data sent at the application layer.

Some anonymizing proxy servers may forward data packets with header lines such as HTTP_VIA, HTTP_X_FORWARDED_FOR, or HTTP_FORWARDED, which may reveal the IP address of the client.

[16] Using a proxy server that is physically located inside a specific country or a city gives advertisers the ability to test geotargeted ads.

For clients, the problem of complex or multiple proxy-servers is solved by a client-server Proxy auto-config protocol (PAC file).

[22] Intercepting proxies are commonly used in businesses to enforce acceptable use policies and to ease administrative overheads since no client browser configuration is required.

This second reason, however is mitigated by features such as Active Directory group policy, or DHCP and automatic proxy detection.

Intercepting proxies are also commonly used by ISPs in some countries to save upstream bandwidth and improve customer response times by caching.

This problem may be resolved by using an integrated packet-level and application level appliance or software which is then able to communicate this information between the packet handler and the proxy.

In integrated firewall/proxy servers where the router/firewall is on the same host as the proxy, communicating original destination information can be done by any method, for example Microsoft TMG or WinGate.

Once traffic reaches the proxy machine itself, interception is commonly performed with NAT (Network Address Translation).

The first recorded CGI proxy, named "rover" at the time but renamed in 1998 to "CGIProxy",[25] was developed by American computer scientist James Marshall in early 1996 for an article in "Unix Review" by Rich Morin.

[28] Despite waning in popularity[29] due to VPNs and other privacy methods, as of September 2021[update] there are still a few hundred CGI proxies online.

[30] Some CGI proxies were set up for purposes such as making websites more accessible to disabled people, but have since been shut down due to excessive traffic, usually caused by a third party advertising the service as a means to bypass local filtering.

Using Tor makes tracing Internet activity more difficult,[32] and is intended to protect users' personal freedom and their online privacy.

I2P is fully distributed and works by encrypting all communications in various layers and relaying them through a network of routers run by volunteers in various locations.

The goals of I2P are to protect users' personal freedom, privacy, and ability to conduct confidential business.

[35] Any residential proxy can send any number of concurrent requests, and IP addresses are directly related to a specific region.

Two computers connected via a proxy server. The first computer says to the proxy server: "ask the second computer what the time is".
Communication between two computers connected through a third computer acting as a proxy server. This can protect Alice's privacy, as Bob only knows about the proxy and cannot identify or contact Alice directly.
Diagram of proxy server connected to the Internet.
An open proxy forwarding requests from and to anywhere on the Internet
A proxy server connecting the Internet to an internal network.
A reverse proxy taking requests from the Internet and forwarding them to servers in an internal network. Those making requests connect to the proxy and may not be aware of the internal network.
Many organizations block access to popular websites such as Facebook. Users can use proxy servers to circumvent this security. However, by connecting to proxy servers, they might be opening themselves up to danger by passing sensitive information such as personal photos and passwords through the proxy server. This image illustrates a common example: schools blocking websites to students.
Screenshot of computer program showing computer locations on a world map.
The Vidalia Tor-network map