Latest Announcemnent
New thread
Status
Not open for further replies.
I

iq2011

Active Member
61
2009
0
0
So what is Reverse Proxy ?

From what i read it hides the server real ip.
What advantages and disadvantages this have ? The server will become slower for example ?

Can i use it with all the hosts ?
 
28 comments
The way reverse proxy works is the dns ip is forwarded to server of reverse proxy
When a user tries to visit your website, reverse proxy server forwards the data from the original website tot he end user

CloudFlare could be taken as an example for a reverse proxy: http://www.cloudflare.com/
 
In computer networks, a reverse proxy is a type of proxy server that retrieves resources on behalf of a client from one or more servers
 
well cloudflare tells the people who send the dmca what your real hosting ip is

which means its pointless going to cloudflare because once the people get a email back from cloudflare with the ip of your host they will then send a dmca to them
 
Actually, reserve proxies doesn't really hide your server IP if anyone has excellent skills with dns they can easily findout your real server IP no matter what services you're using to hide your IP such as Cloudflare, and etc.

Cloudflare is not recommended for hosting warez site soon as a DMCA complaint comes it will be forwarded to you. They will give away your hosting provider they'll send an email to you letting you know they've given your hosting provider information over to the person sending the DMCA.
 
Actually, reserve proxies doesn't really hide your server IP if anyone has excellent skills with dns they can easily findout your real server IP no matter what services you're using to hide your IP such as Cloudflare, and etc.
Click to expand...

Not entirely true. A proper reverse proxy setup makes it impossible to figure out where the server behind it is coming from. Take thepiratebay, they have a bunch of reverse proxy servers scattered throughout the world that forwards requests to their "secret" backend.

There's many legitimate reasons to use a reverse proxy. Wikipedia uses the reverse caching proxy "squid" which serves cached wikipedia content to their viewers to avoid having to regenerate the page and hit their web cluster. This speeds up their website, but also saves them money as they do not need as many web servers to generate content.

CloudFlare in essence is a reverse caching proxy as well. They will cache static assets on their edge nodes so that when users load your site, only dynamic content is pulled from your servers, and static content (images, js, css, ..etc) are pulled from theirs. This speeds things up greatly, as their edge nodes are multicast IPs which automatically choose the closest geographical location to your visitor which leads to the least amount of latency possible. CloudFlare however will give up your backend IP in the case that it receives a DMCA request.
 
Not entirely true. A proper reverse proxy setup makes it impossible to figure out where the server behind it is coming from. Take thepiratebay, they have a bunch of reverse proxy servers scattered throughout the world that forwards requests to their "secret" backend.
Click to expand...
Not fully agree with it. That because I can find out easily your real IP if you are using Cloudflare. Not only that thepiratebay is really using a Germany Server and a NY server and they make it cloud on both of them. They also has 3-4 servers for Torrenting. All they using Cloud DNS and not a Reverse Proxy. What is Cloud DNS? That question is hard to explain. Because this is Mircosoft shit and those guy not give you the proper info. You can google but not get you the actual answer.
If you talking about DMCA that's depends on your data center or your hosting provider. You see WJ using a UK server. ;) They can use Ukraine, Sweden servers as well but they didn't why? Because they know only kids believe on offshore location can save him from DMCA. But sorry that;'s not true. :)
 
Last edited:
CloudFlare is a web accelerator. It's not a "real" reverse proxy. A properly set up reverse proxy makes it almost impossible to find the servers behind it (unless it is hacked into).

Cloud DNS is basically globally distributed DNS servers. The whole idea behind that is that you will always request the DNS server closest to you (this speeds things up, as a website cannot load until the hostname is resolved to an IP address.)

TPB no longer runs a tracker, they use magnet links which removes the need for tracker / .torrent.

A large website I am systems admin of uses 2 Nginx Reverse Proxies to proxy requests back to our backend. All clients see are the 2 IPs of our frontend proxies. It is nearly impossible with our rooting the proxies to find out the backend IP address.
 
ravim said:
Not fully agree with it. That because I can find out easily your real IP if you are using Cloudflare. Not only that thepiratebay is really using a Germany Server and a NY server and they make it cloud on both of them. They also has 3-4 servers for Torrenting. All they using Cloud DNS and not a Reverse Proxy. What is Cloud DNS? That question is hard to explain. Because this is Mircosoft shit and those guy not give you the proper info. You can google but not get you the actual answer.
If you talking about DMCA that's depends on your data center or your hosting provider. You see WJ using a UK server. ;) They can use Ukraine, Sweden servers as well but they didn't why? Because they know only kids believe on offshore location can save him from DMCA. But sorry that;'s not true. :)
Click to expand...

As this user said is correct cloudflare is a cache not reverse proxy. Also i do not understand what you guys are arguing about with thepiratebay as they have multiple replication servers. They are not using reverse proxies nor are they trying to hide where they host. The reason for clouddns is specifically for what i said when one server goes down they activate the replication server in which at the dns panel they can change the dns to point to the new server.


SrsVPS said:
CloudFlare is a web accelerator. It's not a "real" reverse proxy. A properly set up reverse proxy makes it almost impossible to find the servers behind it (unless it is hacked into).

Cloud DNS is basically globally distributed DNS servers. The whole idea behind that is that you will always request the DNS server closest to you (this speeds things up, as a website cannot load until the hostname is resolved to an IP address.)

TPB no longer runs a tracker, they use magnet links which removes the need for tracker / .torrent.

A large website I am systems admin of uses 2 Nginx Reverse Proxies to proxy requests back to our backend. All clients see are the 2 IPs of our frontend proxies. It is nearly impossible with our rooting the proxies to find out the backend IP address.
Click to expand...

ThePirateBay is indeed still a torrent tracker. Just because they removed torrents does not mean they do not track. Their tracker url openbitorrent is currently still activated in certain parts of the world. If all they did was ONLY provide magnet urls to other torrents then they would be classified as a Torrent Index.

You seem to have some knowledge as far as servers and very good at that, but your knowledge about security is pretty much garbage if you say a nginx reverse proxy is impossible to find its destination.
Their is a reason packet sniffers and packet editing is used for these reasons. Not only that any user with a mind could easily run a port scanner and find the port they are running the real server on.

Remember for a reverse proxy not on localhost connecting has to connect to the external port which has to be open on the main server. Not only that, but their are tools which will force the headers to forward the request to the real IP.

It is really bad for users to come on here and try to talk over others when them there selfs do not even know that much of the subject. You are giving bad information which can lead to other users to believe it and find out the bad way.
 
Also i do not understand what you guys are arguing about with thepiratebay as they have multiple replication servers. They are not using reverse proxies nor are they trying to hide where they host.
Click to expand...

I quote TPB's blog

The only box someone could find is the one in the front, that needs to be public. We have multiple of those, scattered like diarrhea around the world. They contain no storage device, no graphics card. Only a network cable, a cpu and memory. Being nice people, we've put small easters egg into each box though, for the hard work put into finding that public machine! Nothing dangerous though, just funny.
Click to expand...
http://thepiratebay.se/blog/209

Their is a reason packet sniffers and packet editing is used for these reasons. Not only that any user with a mind could easily run a port scanner and find the port they are running the real server on.
Click to expand...
Yes, because scanning the entire public IPv4 space is entirely plausible.

Not only that, but their are tools which will force the headers to forward the request to the real IP.
Click to expand...
No such thing exists.

It is really bad for users to come on here and try to talk over others when them there selfs do not even know that much of the subject. You are giving bad information which can lead to other users to believe it and find out the bad way.
Click to expand...

Right back at ya.
 
First and foremost That blog post was before the raid, But since the website was taken under new management NOW LEGAL from a real company. It has long gone into smarter ways of keeping the server up which was what led to its source code being leaked.

Yes, because scanning the entire public IPv4 space is entirely plausible.
Click to expand...

No one spoke of scanning the entire IPv4. Alot of people leave their domains pointed to certain dns servers leaving one subdomain pointed to the main reverse proxy and another pointing to the real server. Then of course im sure you have heard of pulling the known dns records from querying the root dns servers? I'm sure you know that by now since you are the almighty smart one.

No such thing exists.
Click to expand...

I guess you do not seem to watch security blogs at all. Their may not be a up2date version at the moment, but it has been seen that people create malfunctioned headers causing nginx to redirect the user to the destination server if being used as a reverse proxy.

Right back at ya.
Click to expand...

You have seem to quote me, but have show no real proof at all. You gladly wrote a entire paragraph to out smart these other users why not me? Maybe you seem to feel i am not 100% incorrect. So i highly doubt this was the case and you should have not replied in the beginning.
 
I guess you do not seem to watch security blogs at all. Their may not be a up2date version at the moment, but it has been seen that people create malfunctioned headers causing nginx to redirect the user to the destination server if being used as a reverse proxy.
Click to expand...

Link me to the mailing list entry addressing the issue. There was an issue with the UPSTREAM sending malformed headers causing undefined behavior, but not from the client.

No one spoke of scanning the entire IPv4. Alot of people leave their domains pointed to certain dns servers leaving one subdomain pointed to the main reverse proxy and another pointing to the real server. Then of course im sure you have heard of pulling the known dns records from querying the root dns servers? I'm sure you know that by now since you are the almighty smart one.
Click to expand...

Then you're leaking IP because your DNS is improperly set up, not because you're using a reverse proxy.

A properly configured reverse proxy setup makes it nearly impossible to disclose the backend IP unless your backend fetches content on behalf of the client from an external server, or your attacker has somehow figured out a way to execute arbitrary code on your website (through L/RFI, ...etc)

I implore you to attempt to find the backend server of http://encyclopediadramatica.se, you'll find it quite impossible.
 
SrsVPS said:
I implore you to attempt to find the backend server of http://encyclopediadramatica.se, you'll find it quite impossible.
Click to expand...

The backend to that site is hosted on ovh.net and the reverse proxy is hosted on a dedicated server located at portlane.com...
Need to say more? The backend is run on vmware also...
They use amazon dns service

Like i said it is not impossible..

Code: 
Owner of the site:                 Garrett  Moore

Backend server connects from:
http://37.59.72.74:7780/

Do not tell me this is one of the site you speak of that your system administrator at? You obviously need to learn security.
 
Last edited:
So that port 7780 is just randomly showing a http server on your mail server then?

Their will be no end to this i will allow you to feel that you proved me wrong, but of course that ip and port came out from packet editing so i very much doubt its unrelated.

So im going to assume you are paying for a entire dedicated server for just mail?
 
Status
Not open for further replies.
Back
Top