I recently setup a Squid proxy to provide me with convenient access to my intranet behind a firewall while I’m travelling. It works really well!

Previously I’d used squid2, and this time I used squid3. I was very pleased with how I was able to easily specify proxy / “routing” rules for different domains. I noted how Squid also has very good configuration support for access controls and dns resolvers.

All this made me wonder why Squid, which is an incredibly powerful forward proxy, bothers to support reverse proxy features at all? To reverse proxy, I use NGINX, Pound, Apache, and Varnish.

On the flip side, I have to wonder why Apache supports forward proxy features? Seems to me its really a non-feature, even more of a security risk than anything else. If I recall correctly, the forward proxy features are disabled by default, which is a good thing!

¥