Simplifying Proxies: From Basics to Bruno Integration

A proxy is a simple server that sits between your device and the internet. It acts as a middleman, forwarding your requests to external servers and returning their responses, offering added security, privacy, and sometimes faster performance.

There are two main types of proxies:

1. Forward Proxy (Client-side)

2. Reverse Proxy (Server-side)

In this guide, we’ll walk you through what proxies are, the differences between forward and reverse proxies, and how to configure a proxy in Bruno to enhance your API testing workflows.

Understanding Proxies

At its core, a proxy server is just another computer that stands between your device and the target server on the internet. Instead of your request going directly to the destination, it first goes to the proxy. The proxy then forwards your request, receives the response, and sends it back to you. Think of it as a helpful go-between for your online communications.

Why do we need such a middleman? Proxies solve several common problems:

• Anonymity & Privacy: They hide your actual IP address from the destination server, making your online activity harder to track. The destination server only sees the proxy's IP.
• Security: Proxies can filter malicious traffic, block access to dangerous sites, or serve as a first line of defence against attacks.
• Content Access: They can help bypass geographical restrictions or network blocks by acting as a gateway from an allowed location.
• Performance (Caching): Proxies can store copies of frequently accessed web pages or files. If multiple users request the same content, the proxy can serve it directly from its cache, speeding up load times and saving bandwidth.
• Monitoring & Logging: In corporate environments, proxies can log internet usage for security audits, policy enforcement, and troubleshooting.

Forward Proxies (Client-side)

A forward proxy is what most people typically think of when they hear the term "proxy." It sits in front of one or more client devices (like your computer or a corporate network) and acts on their behalf to send requests out to the internet.

How it works: Your computer (client) sends a request to the forward proxy. The forward proxy then sends that request to the destination server on the internet. The destination server sees the proxy's IP address, not yours.

Common Uses:

• Corporate Networks: Companies use forward proxies to filter web content, enforce security policies, cache frequently accessed data, and monitor employee internet usage.
• VPNs & Anonymizers: Many VPN services and anonymity tools operate as forward proxies, routing your traffic through a different server to hide your location.
• Geographical Unblocking: Accessing content restricted to certain regions by routing through a proxy located in that region.

Reverse Proxies (Server-side)

A reverse proxy works differently. Instead of sitting in front of the client, it sits in front of one or more servers (like your web servers or API servers). It receives all incoming requests from the internet and then forwards them to the appropriate backend server. The client making the request never directly interacts with the backend servers.

How it works: A client (e.g., your browser, or Bruno testing an API) sends a request to a domain (e.g., usebruno.com). This request hits the reverse proxy. The reverse proxy then directs the request to the correct internal server that can fulfill it, returning the response back to the client.

Common Uses (especially in enterprise for APIs):

• Load Balancing: If you have multiple API servers, a reverse proxy can distribute incoming traffic across them, preventing any single server from being overwhelmed and ensuring high availability.
• Enhanced Security: It hides the internal network structure, shielding backend servers from direct attacks. It can also handle SSL/TLS encryption (SSL offloading), preventing direct exposure of certificates on backend servers.
• Caching: Just like forward proxies, reverse proxies can cache static or frequently requested content, reducing the load on backend servers and improving response times.
• API Gateway Functionality: Many modern API gateways are built on reverse proxy principles, handling authentication, rate limiting, request/response transformation, and routing for microservices.
• URL Rewriting & Routing: They can manipulate URLs or route requests to different backend services based on the URL path, enabling flexible API architectures.

How to Configure Proxy in Bruno

Bruno provides flexible proxy configuration options at both the global (main settings) and collection levels. This allows you to tailor your testing environment to various network setups, from personal use to complex corporate proxies.

Main Settings (Global Proxy)

These settings act as your default. If no specific collection proxy is configured, Bruno will use these.

Access: Go to Bruno's general settings.

• xMode (Off/On/System Proxy):
  • Off: No global proxy is used by default.
  • On: Bruno will use the proxy details configured below for all requests.
  • System Proxy: Bruno attempts to automatically detect and use your operating system's proxy settings. Convenient for corporate environments where system-wide proxies are set.
• Protocol (HTTP/HTTPS/SOCKS4/SOCKS5): Specifies the protocol Bruno will use to communicate with the proxy server.
  • HTTP: Standard protocol for web traffic.
  • HTTPS: Secure, encrypted communication with the proxy.
  • SOCKS4: A generic proxy protocol for various network traffic.
  • SOCKS5: An advanced SOCKS protocol supporting authentication and UDP traffic.
• Hostname (e.g., proxy.example.com): The IP address or domain name of your proxy server.
• Port (e.g., 3000, 8080): The specific port number on which the proxy server listens for connections.
• Auth (Username/Password):
  • Username: The username required to authenticate with the proxy server.
  • Password: The password required to authenticate with the proxy server.
• Proxy Bypass: A comma-separated list of hostnames or IP addresses that Bruno should connect to directly, bypassing the configured proxy. Useful for internal APIs or specific services that don't need to go through the proxy.

Collection Level Proxy

These settings allow you to override the global proxy configuration for a specific collection of requests.

Access: In your Bruno collection, find its settings.

• Config (global/enabled/disabled):
  • global: Use the global proxy settings defined in Bruno's main settings.
  • enabled: Activate collection-specific proxy settings. Bruno will use the Hostname, Port, Protocol, and Auth configured within this collection.
  • disabled: Do not use any proxy for this collection, even if a global proxy is enabled.
• All other fields (Protocol, Hostname, Port, Auth, Proxy Bypass) function identically to the global settings, but apply only to this specific collection.

Why both levels? This flexibility is key for an API testing tool. You might have:

• A global corporate proxy for most external requests.
• A specific collection of tests for an internal API that should bypass the proxy.
• Another collection for a client whose API requires a different, dedicated proxy.

Wrap Up

Proxies are a fundamental component of modern networking, offering crucial benefits like enhanced security, improved privacy, and optimized performance for both clients and servers. With Bruno's intuitive proxy configuration options, you're well-equipped to handle complex network environments. 

Your APIs deserve better conversations - join the Bruno Discord.

Happy proxy testing with Bruno!  🚀