A web proxy server, sometimes called a web proxy, can serve a variety of purposes. Many of the purposes for using a proxy server are legitimate, but others are suspicious and sometimes malicious.
Using a simple definition, a proxy is basically a server that sits between a user and the destination server that the user is accessing. It is an intermediary or go-between that requests resources from the destination server on the user’s behalf.
On of the most common uses of a proxy server is for anonymous web surfing. When a user is connected through a proxy server, the IP address of the web proxy is used to communicate with the destination server and thus the IP address of the user is hidden. This can be used to allow a user access to systems where their access might normally be blocked, or because an IP address identifies a user’s geographic location, it can be used to disguise the country where a user is located.
There are thousands of free proxy servers set up in countries around the world, and lists of these servers can easily be found on the web. When a user visits one of these sites, they enter the web address of the site they wish to visit. From that point on, the true IP address of the user is protected and the destination server only sees the IP address of the proxy server.
Students use web proxies to allow them to access web sites whose IP addresses are blocked by their school’s server. For example, if a school has blocked all the known IP addresses for porn sites, students might still be able to access these sites through a proxy. Because of uses intended to circumvent normal security, lists of the IP addresses of known proxy servers are available, which can also be blocked by a company or school network.
If you are concerned about protecting your identity while on the web, a proxy server can help with anonymity. But be aware that these servers can have a malicious intent and can be used to cache information that passes through them, which means that you never want to use one of these intermediaries to log into your bank account or any web site where exposing user IDs and passwords can be detrimental. This can be a path to identity theft.
There are other malicious uses for these servers. Many e-commerce sites capture the IP addresses of customers who purchase products. They are used to identify the geographic location of a customer to help prevent fraud. If a customer’s street address is in Boston, but their IP address identifies their geographic location as Nigeria or China, the chances are more than good that a stolen credit card is being used. Many sophisticated online thieves use domestic drop points or freight forwarding companies where products are shipped and later forwarded to the thief. They have also learned to use web proxy servers to hide their location, or make it appear that they are located in a country not known for credit card fraud.
There are many legitimate uses for proxy servers. AOL has traditionally cached commonly visited web pages and altered JPG images by compressing them to speed up web access for their users. They can also be used by schools and companies to filter content, and by ISPs that restrict access to family friendly content.
If you are going to use a proxy server, try to identify those that are legitimate. Many are, but some are not. As a general rule, never access sensitive sites that require a user ID and password. This includes your e-mail accounts.