Skip to content

Proxy Servers for DDoS Mitigation

Proxy Definition

Learn all about anti DDoS proxy servers: A proxy is a computer, software system that sits between clients application and a real server. It is used to filter cache.

Importance

It’s main importance is that it improves performance of group users because it saves results of all requests a specific amount of time. They can also be used to filter request for example; restricting some staff in the organisation from accessing certain sets of websites. The server might be in the computer system or as a separate server that forwards requests to firewall. A proxy server can also be helpful in troubleshooting as it logs in its interactions. On the other hand a proxy server can also be used to monitor traffic and undermine user privacy.

How proxy servers works

A proxy server receives its requests from the internet source for example a web page looks into its previously requested pages cache, finds the page and forwards it to the requester/client without necessarily forwarding it back to the internet. When the page is not found in its cache,the server uses its IP address on behalf of the user to ask/prompt the information from the internet and when the information is prompted, the server relates the content to the original page and forwards it to the requester. The server is evidently invisible to the user.

Types of Proxies

Forward Proxies

These proxies sends the user’s request onward to a web server. This is achieved by directly surfing to a web proxy addresses or configuring their internet settings. They increase security and privacy but can also be used to download illegal materials like pornography or copyrighted materials.

Normal Proxies

This is a regular caching proxy server that listens on a separate port and the client’s browser is configured and sends requests for connectivity on that port. The proxy server receives the request, gets the content and saves a copy for future reference.

Reverse Proxies

A reverse proxy appears ordinary to the clients. Its usage benefits the web server rather than the client.It handles all requests on the destination server without any asking for any action from the requester. It caches all the answers and answers the requester from its cache to reduce load on the web server. This is also known as Web server Acceleration.

Uses of Reverse Proxies

Acts a security measure: To enable indirect access and disallowing direct connections. This protects the system against OS and web server attacks.

Load Balancing between servers: It distributes the load to web servers serving specific application areas. Thus rewriting URLs in each web page.

Compression: Reverse proxies have the ability to compress and optimize content to speed up load time.

Communication: It can be used for extranet publishing where it communicates to a firewall server used internally in the organisation. Thus providing extranet access to certain functionalities while the server is kept behind the firewalls.

Web server Acceleration: By reducing load on the we server and also by SSL hardwares.

Cache static content: This is by caching graphic content, pictures and other static content.

DDoS Mitigation Using Reverse Proxies

DDOS mitigation can be defined as strategies employed in attempt to curb or reduce Distributed denial of service attacks (DDOS) on the net linked to the internet. The mitigation can be done by running network traffic through scrubbing filters. This requires correctly identifying human traffic from robots by analyzing signatures and examining IP addresses, javascript and other attributes. Since the reverse proxy sits between the client and the actual server, it acts an intermediary improving the bandwidth consumption by caching content. This can prevent DDOS attack in that; domains with DNS records are used to map IP addresses. For example domain AAA.com has “A” DNS records which would resolve to its IP 123.123.123.123 allowing attackers to take IP and DDOS it. Multiple reverse proxies are set up where the domain sits behind to mitigate the attacks in that if one chooses to DDOS AAA.com only one reverse proxy will go down. Therefore, DDOS-protected reverse proxies could be applied to mitigate attacks. Nginx can be passed down as a reverse proxy to mitigate DDOS attack, specifically Apache DDOS attack. Nginx is deployed as a reverse proxy in front of the Apache system and by tuning some variables in Nginx small DDOS attacks are withstood.

There are several more or less known provider who offer DDoS protection by reverse proxy. The largest and most well known being CloudFlare. Other providers who offer an anti DDoS proxy for websites are JavaPipe, Incapsula and Sucuri. Each have their pros and cons, but ultimately help their customers mitigate DDoS attacks against their services.

In conclusion, mitigation methods in existence to maintain the insignificant origin but there are many sources of information leakage. Therefore to achieve DDOS protection, the affected organizations should seek in-line DDOS protection services that cannot be by-passed, whereby if the filtering appliance is inline then knowing the IP address of the origin does not help the attacker. This can be achieved by physically placing the filter directly in the path of the servers.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *