DevOps
Reverse Proxy
A server that sits in front of your application and forwards client requests to it, adding TLS termination, load balancing, caching, compression and a security buffer that hides backend topology. It is where you centralise edge concerns. Nginx, Caddy, HAProxy and Envoy are the common choices.
Purpose
A reverse proxy sits in front of your application servers and forwards client requests to them — the inverse of a client-side proxy. It exists to centralise edge concerns: one hardened place for TLS, compression, caching, load balancing and request policing, while backends stay simple and hidden.
When to Use It
Terminating HTTPS so apps speak plain HTTP internally; spreading load across instances; caching and compressing responses; shielding backend topology and absorbing slow clients or basic abuse before it reaches application code. Virtually every production web stack has one.
Trade-offs
It is another hop and another critical component: misconfigured header forwarding breaks client-IP detection and redirects, and an undersized proxy becomes the bottleneck. It must be deployed redundantly, or it is your new single point of failure.
Implementation
Pick Nginx, Caddy (automatic TLS), HAProxy or Envoy. Forward identity headers (X-Forwarded-For/-Proto, Host), set timeouts on both client and upstream sides, and add health checks so dead backends drop out. Keep the proxy config in version control like any other code.