=== Reverse Proxy ===
Contributors: cyberlord92
Tags: Reverse proxy, Load Balancing, IP Restriction, Country Restriction, CORS, block, ajax, security, Rate Limiting, Header Based Authentication, File Restriction.
Requires at least: 2.0.2
Tested up to: 6.0
Requires PHP: 7.0
Stable tag: 1.1.2
License: MIT/Expat
License URI: https://docs.miniorange.com/mit-license

Secure your WP website from unauthorized access from web vulnerabilities, hence providing a secure connection between your internal services and external clients.

== Description ==

Reverse proxy server is helpful in protecting systems against web vulnerabilities, which adds an extra degree of security with advanced security solutions such as IP restriction, Location restriction, Device Restriction, Country Restriction, Header Based Authentication, Media Restriction, 2FA, MFA, Authentication (SAML, OAuth, LDAP, Radius), URL Rewriting, Rate Limiting, File Restriction, Caching, Load Balancing, Bot traffic Prevention, SSL Offloading, TLS Offloading, Access Control, Traffic Monitoring and Analytics, and many more. In contrast to a regular proxy server, which protects clients, a reverse proxy protects servers. A reverse proxy is a server that receives a client's request, passes it to one of many other servers, and then delivers the results from the server that actually processed the request to the client as if the proxy server had handled it itself. The client only talks with the reverse proxy server and is unaware that its request was really handled by another server.

**How Reverse Proxy will work for your WordPress site?**
Reverse proxy plugin will help you to set up the proxy on your WP site so that it can be accessed with the Proxy URL thereby securing your actual WordPress URL and extending the security with many other features as listed below. It also comes with additional security features such as IP restriction, Location restriction, Device Restriction, Country Restriction, Header Based Authentication, Media Restriction, File Restriction, 2FA, MFA, Authentication (SAML, OAuth, LDAP, Radius), URL Rewriting, Rate Limiting, Caching, Load Balancing, Bot traffic Prevention, SSL Offloading, TLS Offloading, Access Control, Traffic Monitoring and Analytics, and many more.

== FEATURES  ==

**Rate Limiting:** Rate Limiting is used to set the interval between each request from each IP address and the amount of requests received within a certain time period. Rate Limiting is used to prevent the server from getting DoS attack, DDoS attack or Slowloris attack.  <a href="https://www.miniorange.com/reverse-proxy/setup-rate-limiting" target="_blank">Setup Guide</a>

**CORS:** CORS feature is used to enable access to specific domains that are submitted by a user to make asynchronous requests to the server address. AJAX requests to this site from another (those containing an Origin header) will be allowed for any domain in your multisite setup.  <a href="https://www.miniorange.com/reverse-proxy/setup-cors" target="_blank">Setup Guide</a>

**IP restriction/ Location restriction/ Device based restriction/ Country restriction:** IP restrictions allow you to limit inbound connections from a limited IP address, and to minimize unwanted traffic. IP restriction can be used to activate network security control, limiting inbound connections to web services based on IP address, location, and device, and reducing unwanted traffic. Plugin can be useful to detect Real visitors IP Address. Location restriction allows you to block unauthorized access from specific geopolitical locations or regions to prevent access to web services and secure data. With device restriction, only the authorized devices will be allowed to access the organization’s data to prevent data leaks and secure it from any unauthorized access. <a href="https://www.miniorange.com/reverse-proxy/setup-ip-restriction" target="_blank">Setup Guide</a>

**Load Balancing:** Load balancing guarantees that no server is overwhelmed by distributing network traffic among numerous servers. Load balancing allows the distribution of network traffic across multiple servers. Load balancing when enabled provides additional capabilities including application security. <a href="https://www.miniorange.com/reverse-proxy/setup-load-balancing" target="_blank">Setup Guide</a>

**Traffic Monitoring/ Analytics:** Monitor network's incoming and outgoing traffic to gather information on network traffic, speed, and classifications and generate an analysis report for traffic management. Traffic monitoring feature can help to check server health status. _ 

**URL Rewriting:** URL Rewriting is the process of changing Uniform Resource Locator (URL) structure while loading a page to make it easier to type and make it more readable. URL rewriting is beneficial because it make your URL more readable, improves security and is SEO friendly._ 

**SSL/TLS Offloading:** Activate SSL/TLS Offloading in your hosting environment._

**Two Factor Authentication:** Sets up Two-Factor Authentication (2FA) for WordPress.

**User Authentication:** User access requests are authenticated with a reverse proxy for user login and File Restriction (SAML, OAuth, LDAP, Radius).

**Access Control:** You can regulate priority access to only authorized users, or you can grant limited access to non-compliant guest users._ 
 
**Caching and Data Compression:** Cache the recent copy of the resource when a client request it to be send next time user requests it._
 
**Bot Traffic Prevention:** Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection._ 

 **Content Restriction:** Control user access to content based on WordPress user role, access level. You can also set additional user restrictions such as IP Restriction, Device based Restriction, Location Restriction, Country Restriction as well._

**Limit Login Attempts:** Limit the number of retry attempts when logging in (per each IP). This is fully customizable. Adds further captcha verification. Useful for slowing brute force attack. Plugin will redirect to the home page, when an abnormal request is received. Informs the user about the remaining retries or lockout time on the login page.

**Header Based Authentication:** Header Based Authentication allows users using an on premise app to log in with reverse proxy. Enable header based authentication to log in to apps using contents of URL header. Header based authentication is a method where the users are authenticated to access backend applications based on the user information which is sent through the HTTP headers. In the URL, the HTTP header section contains authentication parameters which can be configured to set the Header Based Authentication for on premise apps.



==Benefits of Reverse proxy==
**Resource sharing between websites**: CORS Feature in Reverse Proxy is a method  that allows HTTP requests while Same Origin Policy (or SOP) is sharing resources between different websites, but prevents HTTP response information from reading.

**Modern Browser Support**: CORS Feature in Reverse Proxy is supported on almost all modern browsers, unlike JSONP.

**Support for Legacy Applications**: Header Based Authentication allows users to log into legacy on premise applications easily with just the contents of HTTP URL Header. Header Based Authentication provides easy SSO login to legacy applications with the help of a reverse proxy.

**Prevention of Resource Starvation**: The most typical purpose for Rate Limiting is to set APIi Rate Limit to minimize resource hunger, which improves the availability of API-based applications.

**Controlling flow**: You may use Rate Limiting to govern data and message flows in complicated connected systems that process massive amounts of data and messages, whether you're combining many streams into a single service or distributing a single work stream to a large number of employees. Rate Limiting solution is scalable and easily fits the bill.

**Keeping expenses down**: Reverse Proxy might be used by a company to keep research from spiraling out of hand and racking up enormous expenditures involved when looking for the best security solutions such as IP restriction, Location restriction, Country Restriction, Device Restriction, Header Based Authentication, Media Restriction, 2FA, MFA, URL Rewriting, File Restriction, Rate Limiting, Caching, Load Balancing, Bot traffic Prevention, Authentication(SAML, OAuth, LDAP, Radius), SSL offloading, TLS offloading, Access Control, Traffic Monitoring and Analytics, and many more.

**Improved Performance**: Reverse Proxy lessens the additional load placed on a server and ensures smooth operations and responses, providing a better experience for customers with solutions such as Load Balancing to transfer data load across the web servers and using Traffic Monitoring and Analytics to check for incoming traffic and user actions .

**Reduced Downtime**: Failed and under-performing components may be replaced instantly, with no or minimal downtime, while also providing information on which equipment needs servicing. This can be monitored with Traffic Monitoring and Analytics solution to monitor the incoming traffic and check every user action performed.

**Protection**: Reverse Proxy adds an extra layer of security to your website and applications without requiring any changes with advanced security solutions such as IP Restriction, Location Restriction, Device Restriction, Country Restriction, Header Based Authentication, Media Restriction, Authentication(SAML, OAuth, LDAP, Radius), 2FA, MFA, URL Rewriting, File Restriction, Rate Limiting, Caching, Load Balancing, Bot traffic Prevention, SSL offloading, TLS offloading, Access Control, Traffic Monitoring and Analytics, and many more.

**Scalability**: With Reverse Proxy you can use additional servers when there is high load on one server to improve performance using solutions such as Load Balancing to support high loads of traffic. With Traffic Monitoring and Analytics, you can monitor the traffic and user actions of each and every user.

**Protection**: Reverse Proxy can be used to limit IP addresses from a particular range to improve security with the help of IP restriction. IP restriction prevents unauthorized access to your applications based on the IP addresses. File Restriction prevents unwanted access to WP files and folders.

**Increased flexibility**: The number of IP addresses you can utilize is unlimited. You can also set access control restrictions such as IP Restriction, Location Restriction, Device Restriction, Country Restriction, File Restriction and many more.

**Manage Traffic**: Reverse Proxy can help to manage and minimize unwanted traffic. With Traffic Monitoring and Analytics users can monitor the traffic and user actions performed on their website .

**Accuracy**: All Reverse Proxy features are synchronized so that the authorization is highly accurate and Security is enhanced with advanced security solutions like IP Restriction, Location Restriction, Device Restriction, Country Restriction, Header Based Authentication, Media Restriction, Authentication(SAML, OAuth, LDAP, Radius),  2FA, MFA, URL Rewriting, Rate Limiting, Caching, Load Balancing, Bot traffic Prevention, SSL offloading, TLS offloading, Access Control, File Restriction, Traffic Monitoring and Analytics, and many more. 

**Easy Installation**: Reverse Proxy solution is easier to implement and install for your cloud applications and also supports multiple security solutions integrations such as IP restriction, Location restriction, Device Restriction, Country Restriction, Header Based Authentication, Media Restriction, 2FA, MFA, URL Rewriting, Rate Limiting, Authentication (SAML, OAuth, LDAP, Radius), Caching, Load Balancing, Bot Traffic Prevention, SSL offloading, TLS offloading, Access Control, File Restriction, Traffic monitoring and Analytics, and many more.

To learn more read our Page https://www.miniorange.com/reverse-proxy/. 

== Installation ==

This section describes how to install the All In One WordPress Reverse Proxy and get it working.

= From your WordPress dashboard =

1. Visit `Plugins > Add New`
2. Search for `Reverse Proxy`. Find and Install `Reverse Proxy` plugin by miniOrange
3. Activate the plugin from your Plugins page.


= From WordPress.org =

1. Download Reverse Proxy.
2. Unzip and upload the `reverse-proxy` directory to your `/wp-content/plugins/` directory.
3. Activate Reverse Proxy from your Plugins page.

== Frequently Asked Questions ==

= What is the use of Reverse Proxy? =
Reverse Proxy is used to protect websites from harmful vulnerabilities. It can be useful for various features like IP restriction, Location restriction, Device Restriction, Country Restriction, Header Based Authentication, Media Restriction, 2FA, MFA, URL Rewriting, Rate Limiting, Caching, Load Balancing, Bot traffic Prevention, SSL offloading, TLS offloading, Access Control, Traffic Management and many more.

= How does the Reverse Proxy plugin work? =
Reverse Proxy plugin filters out the request and sends authenticated and authorized requests to the origin server.

= Can Reverse Proxy plugin be set up on any website? =
Yes, it can be set up on any website and can be useful for URL rewriting too.

=Can WordPress plugin protect my site from DDoS attacks?=
Yes, it can protect your site from DDoS attacks using Rate Limiting Feature.

= Can Reverse Proxy plugin be customized according to custom requirement? =
Yes, it can be customized according to the requirement. You can reach out to us at proxysupport@xecurify.com or send a query at <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.

=Got a question?=
Send any questions or feedback via email on proxysupport@xecurify.com or send a query at <a href="https://miniorange.com/contact" target="_blank">Contact us</a>.

== Screenshots ==

1. Reverse Proxy Description

==Changelog==

= 1.1.2 =
*  UI Improvements for User Registration Form.

= 1.1.1 =
*  Fixes in user registration and readme changes.

= 1.1.0 =
*  First version of the plugin.

== Upgrade Notice ==

= 1.1.0 =
*  First version of the plugin.