kids encyclopedia robot

Proxy server facts for kids

Kids Encyclopedia Facts
Proxy concept en
Communication between two computers connected through a third computer acting as a proxy server. This can protect Alice's privacy, as Bob only knows about the proxy and cannot identify or contact Alice directly.

In computer networking, a proxy server is like a middleman computer. It sits between your computer (the client) and another computer (the server) that has the information you want, like a web page. Instead of connecting directly to the server, your computer sends its request to the proxy server first.

The proxy server then checks your request and gets the information for you. This can help make your internet use more private, secure, and sometimes even faster. Proxy servers were created to help organize and protect information in large computer systems. They act on your behalf, sometimes hiding who you really are from the website you're visiting.

Different Kinds of Proxy Servers

A proxy server can be on your own computer or somewhere else on the Internet between you and the website.

  • A proxy that just passes requests without changing them is often called a gateway.
  • A forward proxy helps you get information from many different places on the internet.
  • A reverse proxy usually sits in front of a server on a private network. It helps control and protect access to that server. Reverse proxies can also help share the workload among many servers, check who you are, make data secure, and store copies of websites for faster access.

Open Proxy Servers

Open proxy h2g2bob
An open proxy forwarding requests from and to anywhere on the Internet

An open proxy is a type of proxy server that anyone on the internet can use. In 2008, an expert thought there were "hundreds of thousands" of these open proxies online.

  • Anonymous proxy: This server tells the website that it's a proxy, but it doesn't share your computer's real internet address (IP address). This can help hide where your request came from.
  • Transparent proxy: This server tells the website it's a proxy and also shares your computer's real IP address. The main benefit of this type is that it can store copies of websites to make them load faster for everyone.

Reverse Proxy Servers

Reverse proxy h2g2bob
A reverse proxy taking requests from the Internet and forwarding them to servers in an internal network. Those making requests connect to the proxy and may not be aware of the internal network.

A reverse proxy acts like a regular server to people using it. But behind the scenes, it sends requests to one or more other servers that actually have the information. The answer then comes back through the reverse proxy, so you don't know which specific server provided it.

Reverse proxies are often used near web servers. All internet traffic going to those web servers passes through the reverse proxy. They are called "reverse" because they are closer to the web server, unlike forward proxies which are closer to the user.

Here are some reasons why reverse proxies are used:

  • Making connections secure: They can handle the complex task of encrypting data (like for secure websites using SSL/TLS), taking the load off the main web server.
  • Sharing the workload: A reverse proxy can send requests to different web servers to make sure no single server gets too busy.
  • Storing static content: They can store copies of things like pictures and other unchanging parts of a website. This makes the website load faster and reduces the work for the main servers.
  • Making files smaller: The proxy can compress content to help pages load quicker.
  • Helping slow connections: It can slowly send content to users with slow internet, so the main web server isn't tied up waiting.
  • Adding security: The proxy acts as an extra layer of defense, protecting the main servers from some attacks.
  • Publishing information: They can allow people outside a company to access certain internal functions safely.

Forward vs. Reverse Proxy

Think of it simply: a reverse proxy mainly protects the server, while a forward proxy mainly protects the client (you).

How Proxy Servers Are Used

Watching and Filtering Content

Controlling What You See

A web proxy server can control what content is allowed to pass through it. Schools and businesses often use these to make sure internet use follows their rules.

These proxies often require you to log in to access the internet. They also keep logs (records) of what websites people visit or how much internet data they use. They can even work with antivirus software to scan incoming content for viruses before it reaches your computer.

Many schools and workplaces block certain websites. They do this using a special proxy called a content filter. Sometimes, students try to get around these filters by using other proxy websites.

Proxies can block websites in several ways:

  • Using a list of forbidden website addresses (blacklists).
  • Blocking certain types of files or content based on keywords.

If content is blocked, you might see an error message. Companies that make these filters often use special computer programs to check websites and add them to their blocked lists.

Filtering Secure Information

Web filtering proxies usually can't see inside secure, encrypted connections (like when you see "https://" in a website address). This is because these connections are designed to be private.

However, in places like workplaces, your computer might be set up to trust a special certificate that the proxy owns. In this case, the proxy can act like a "man-in-the-middle" and look at the secure information.

Getting Around Blocks and Censorship

If a website blocks access based on where your request comes from (like your country), using a proxy in a different country can help you access that website.

Web proxies are the most common way people get around government censorship. Some companies also use proxy networks to gather information for their business.

If a proxy uses a blacklist to filter content, you might be able to get around it by using another service that proxies information from a non-blocked location.

CPT-Proxy
Many organizations block access to popular websites such as Facebook. Users can use proxy servers to circumvent this security. However, by connecting to proxy servers, they might be opening themselves up to danger by passing sensitive information such as personal photos and passwords through the proxy server. This image illustrates a common example: schools blocking websites to students.

Keeping Records and Spying

Proxies can be set up to secretly watch the information flowing between your computer and the internet. Everything you send or access—including passwords and cookies—could be captured and looked at by the proxy operator. This is why you should always use secure connections (like SSL/TLS) for important things like banking or email.

By using a chain of proxies that don't reveal your original location, it's possible to hide your online activities. However, each proxy in the chain leaves a trace. If you don't know who runs these proxies, you might think you're safe when you're not.

Sometimes, people using proxies find themselves blocked from certain websites. This happens because many forums and sites block IP addresses from proxies that have been used for spam or bad behavior.

Making Things Faster

A caching proxy server makes requests faster by saving copies of content that has been asked for before. This means if you or someone else asks for the same website again, the proxy can give you the saved copy instead of getting it from the original server. This helps large organizations save internet data and makes things much faster. Most internet providers and big businesses use caching proxies.

Special proxies called Performance Enhancing Proxies (PEPs) are used to fix problems with internet connections, especially slow or unreliable ones (like wireless or mobile networks). They can make better use of the network, for example, by combining small messages or compressing data.

Translating Websites

A translation proxy server helps make a website available in different languages. When people from different countries visit the website, their requests go through the translation proxy. The proxy then translates the content from the original language into the visitor's language as it passes back through. These translations can be done by computers, people, or a mix of both.

Accessing Services Anonymously

An anonymous proxy server tries to hide who you are when you browse the web. The website you visit receives requests from the proxy, not from your computer directly. However, the proxy server itself knows who you are, so you need to trust the proxy. Many anonymous proxies are supported by showing ads to users.

Controlling Access: Some proxy servers require you to log in. In big companies, this helps them track who uses the internet. Some anonymous proxies might accidentally share your IP address by including certain information in the request. Others, called "elite" or "high-anonymity" proxies, make it seem like the proxy server is you. To be extra safe, you might need to clear your cookies and cache.

Checking Ads for Location

Advertisers use proxy servers to check if their ads are showing correctly in specific locations. An ad server looks at your IP address to figure out your location. By using a proxy server located in a certain country or city, advertisers can test if their ads are appearing for people in that area.

Security Measures

A proxy can help keep a company's internal network structure secret. This makes requests from computers inside the network anonymous, which improves security. Proxies can also work with firewalls for even more protection.

However, if a proxy is set up incorrectly, it could accidentally allow access to a network that should be private.

Sharing Resources Across Websites

Proxies allow websites to get resources (like images or music files) from other websites, even when security rules normally prevent direct linking. This helps websites use content hosted elsewhere while keeping your information safe.

Bad Uses of Proxies

Reselling Limited Products

Some people who buy and resell limited products (like rare sneakers or tickets) use web proxy servers. This helps them get around limits on how many items they can buy online.

How Proxies Are Made

Web Proxy Servers

Web proxies handle HTTP requests, which are what your browser uses to get web pages. When you use a web proxy, your browser sends the full website address to the proxy.

The proxy then gets the information and sends it back to you. Some web proxies allow a special "CONNECT" method to send any kind of data through the connection, often used for secure HTTPS traffic.

Examples of web proxy software include Apache, HAProxy, Nginx, Squid, and Varnish.

SOCKS Proxy

SOCKS is another type of proxy that can forward different kinds of data after a connection is made. It's similar to the HTTP CONNECT method used by web proxies.

Transparent Proxy Servers

A transparent proxy (also called an intercepting proxy) works without you even knowing it's there. It intercepts your internet traffic without needing any special setup on your computer. Transparent proxies are usually placed between your computer and the internet, acting like a router.

The official definitions say:

  • A 'transparent proxy' doesn't change your request or the website's response, except for what's needed for the proxy to work.
  • A 'non-transparent proxy' changes the request or response to offer extra services, like making you anonymous.

In 2009, a security problem with transparent proxies was found, affecting many of them.

Why They Are Used

Businesses often use intercepting proxies to make sure people follow internet rules and to make managing the network easier, since no special browser settings are needed.

Internet providers in some countries also use them to save internet data and make websites load faster for customers by storing copies of content. This is common where internet data is expensive or limited.

Problems with Intercepting Proxies

When a proxy intercepts a connection, it creates some issues. The proxy needs to know the original website address and port you wanted to reach, which isn't always easy. There are also some types of cyberattacks that can happen because intercepting proxies might not check the original destination properly.

Intercepting can also cause problems with logging into websites, especially if both the proxy and the website require you to log in.

Finally, intercepting connections can make it harder for shared caches to work properly, meaning some requests might not be saved for faster access later.

How They Are Set Up

In systems where the firewall and proxy are on the same computer, they can easily share information about the original destination.

Interception can also be done using a special protocol called WCCP (Web Cache Control Protocol), which allows the router to send specific traffic to the proxy.

Once traffic reaches the proxy computer, it's often intercepted using something called NAT (Network Address Translation). This setup is invisible to your browser, but the proxy is still visible to the website you're visiting. Newer systems can use "TPROXY" to hide the proxy's IP address from other network devices.

How to Detect Them

You can sometimes tell if you're using an intercepting proxy:

  • Compare your computer's external IP address (what the internet sees) with the address an external website sees. Many websites show you your IP address.
  • Compare results from IP checkers when using secure (HTTPS) vs. non-secure (HTTP) connections. Most intercepting proxies don't intercept secure connections. If you suspect SSL is being intercepted, check the website's security certificate.
  • Use a tool like traceroute to see the path your data takes for different types of internet traffic.
  • Try to connect to a website that doesn't exist. A proxy might accept the connection and then try to forward it, leading to a different error message than if you tried to connect directly.
  • Some special programs or web applications can send signals back to their server to detect a proxy.

CGI Proxy Servers

A CGI web proxy lets you access websites by typing the website address into a form on a special web page. It then gets the content and shows it to you. This is useful if you can't change the proxy settings on your device or network. The first CGI proxy was created in 1996.

Most CGI proxies use software like CGIProxy, Glype, or PHProxy. While they are less popular now because of VPNs, hundreds of CGI proxies are still online.

Some CGI proxies were made to help people with disabilities access websites, but many were shut down because too many people used them to get around local filters. This caused too much traffic. Because of this, organizations sometimes hide their proxy addresses and only share them with people who truly need them.

Suffix Proxy Servers

A suffix proxy lets you access web content by adding the proxy server's name to the end of the website address (for example, "en.wikipedia.org.SuffixProxy.com"). These are easier to use than regular proxies but don't offer much privacy. They are mainly used to get around web filters, but modern filters often block them.

Tor Onion Proxy Software

Vidalia-0.0.11-svn
The Vidalia Tor-network map

Tor is a system designed to help you stay anonymous online. Tor software sends your internet traffic through a worldwide network of volunteer servers. This makes it harder for anyone to track your computer's location or what you're doing online. Using Tor helps protect your privacy and freedom.

"Onion routing" means your data is encrypted (scrambled) multiple times, like layers of an onion. Each Tor server in the path removes one layer of encryption before sending the data to the next server. This makes it very difficult for anyone to understand your original data as it travels.

I2P Anonymous Proxy

The I2P anonymous network is another proxy network focused on online anonymity. It uses a method called "garlic routing," which is an improved version of Tor's onion routing. I2P is spread out across many computers and encrypts all communications in several layers. It sends them through a network of volunteer-run routers. By hiding where the information comes from, I2P helps prevent censorship. I2P aims to protect users' personal freedom, privacy, and ability to do private business online.

Each I2P user runs an I2P router on their computer. This router finds other users and builds anonymous paths (tunnels) through them. I2P provides proxies for many different internet services.

Proxies vs. Network Address Translators (NAT)

The idea of a proxy is about how applications communicate (like your web browser talking to a website). Network address translation (NAT) is similar but works at a lower level of the network.

With NAT, you just set up your gateway (like your home router). But with a proxy, your computer always sends its requests to the proxy server first. The proxy then reads the request to find the real destination.

Because NAT works at a lower level, it uses fewer computer resources than a proxy, but it's also less flexible. Sometimes you hear about a 'transparent firewall'. This means the proxy uses its advantages without you knowing it's there. Your computer thinks it's talking directly to a NAT, but the proxy is secretly looking at the information.

DNS Proxy Servers

A DNS proxy server takes requests for website names (like "google.com") from your network and sends them to an internet DNS server. It can also store copies of these name lookups to make them faster.

Proxifiers

Some programs can "SOCKS-ify" requests. This allows them to connect to external networks through certain types of proxy servers, especially SOCKS proxies.

Residential Proxy Servers

A residential proxy uses a real internet address provided by an ISP (like your home internet company). These addresses come from actual devices like phones and computers of regular users. When you use a residential proxy, your request goes through one of these real home IP addresses. This makes it look like you are a regular internet user, making it harder for tracking tools to identify your real location.

Unlike regular residential proxies, rotating residential proxies (also called backconnect proxies) hide your real IP address behind a large group of proxies. These proxies switch automatically during your session or at regular times.

Even though providers say these proxy hosts are willing participants, many proxies are run on computers that might have been hacked, including Internet of things devices (like smart home gadgets). Researchers have found logs showing that these residential proxies are sometimes used for bad activities, like illegal promotions, phishing (tricking people into giving up information), and spreading malware.

See also

Kids robot.svg In Spanish: Servidor proxy para niños

Images for kids

kids search engine
Proxy server Facts for Kids. Kiddle Encyclopedia.