
Mac OS X Server: We Don't Need No Stinkin' Squid

A proxy caches content, much like your web browser caches web data to speed up access to a site the next time you visit it. A proxy can also sit in front of the server that actually stores the content and anonymize it (a proxy server known as a reverse proxy), which is the purpose of the Mobile Access service in Mac OS X and of the reverse proxies that can be used on each site.

The proxy in Mac OS X Server caches the pages of web sites that are visited, so that each additional user on your local network who visits a site does not have to download its images and graphics again. This speeds up access to the site for every visit after the first visitor has downloaded the pages. This type of proxy is known as a forward proxy. The forward proxy can help reduce the total saturation of your internet connection by using a shared cache for all of your client computers. Many might already be using a solution such as the open source Squid, or a proprietary solution such as Websense, as a proxy. But few know that Mac OS X Server has the ability to act as a forward proxy built in.

To enable the forward proxy, open Server Admin, click Settings for the Web service, and then click the Proxy tab of the global configuration settings. Here, check the box for Enable Forward Proxy, save the settings, and restart the service when you are finished.

The proxy will now cache files downloaded for clients. These clients will then not access the web directly, but do so through the web server. By default the cached files are stored in the /var/run/proxy directory, although you can choose a different folder (for example, if you want to use the solid state drive on an Xserve so that the cache is faster than an internal drive). You can also set the size of the cache; the default is set to 1MB, but it can be increased to much higher (we often set it to 1024). You can also set an interval at which the cache is emptied, which allows data to be re-downloaded. By default this is set to 24 hours, which is typically a good setting to stick with.

Finally, you can set sites that are blocked. Any site entered into this field will not be accessible to client computers that use the proxy to access the web. Managing the list of sites that you do not want your users to access can be daunting, so many with this need will choose a solution such as DansGuardian if they are using Squid as their proxy, or stick with a third-party solution. Many will also choose to leverage their network infrastructure for content filtration. In most cases, if you want to block a lot of sites, or block sites based on content or category, then Mac OS X Server will likely not yet be mature enough for your needs. However, it is worth noting that you can use it, and that if you don't need filtration, Mac OS X Server can act as a perfectly viable forward proxy.
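One way to confirm that the blocked-sites list does what you expect is to request each site through the proxy and compare the outcome with your policy. The script below is an added example, not part of the original post and not Apple's code. The function names, the `.example` hostnames and the local stub proxy are constructed for illustration, and it assumes the proxy answers a blocked request with an HTTP error status.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit

def fetch_via_proxy(proxy_host, proxy_port, url, timeout=5):
    """GET an absolute URL through a forward proxy; return the status, or None if unreachable."""
    conn = http.client.HTTPConnection(proxy_host, proxy_port, timeout=timeout)
    try:
        conn.request("GET", url)  # absolute URI in the request line makes this a proxy request
        resp = conn.getresponse()
        resp.read()
        return resp.status
    except (OSError, http.client.HTTPException):
        return None
    finally:
        conn.close()

def audit_blocklist(proxy_host, proxy_port, blocked, allowed):
    """Return (site, status, problem) for every site the proxy handles contrary to policy."""
    findings = []
    for site in blocked:
        status = fetch_via_proxy(proxy_host, proxy_port, f"http://{site}/")
        if status is not None and status < 400:
            findings.append((site, status, "blocked site was served"))
    for site in allowed:
        status = fetch_via_proxy(proxy_host, proxy_port, f"http://{site}/")
        if status is None or status >= 400:
            findings.append((site, status, "allowed site was refused"))
    return findings

def start_stub_proxy(blocked_hosts):
    """Constructed stand-in for the server: 403 for blocked hosts, 200 otherwise."""
    class Stub(BaseHTTPRequestHandler):
        def do_GET(self):
            host = urlsplit(self.path).hostname
            self.send_response(403 if host in blocked_hosts else 200)
            self.send_header("Content-Length", "0")
            self.end_headers()
        def log_message(self, *args):
            pass  # keep the demo quiet
    server = HTTPServer(("127.0.0.1", 0), Stub)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]

if __name__ == "__main__":
    server, port = start_stub_proxy({"blocked.example"})
    # Policy lists two blocked sites, but only one was entered on the (stub) proxy.
    policy_blocked = ["blocked.example", "missed.example"]
    for finding in audit_blocklist("127.0.0.1", port, policy_blocked, ["intranet.example"]):
        print(finding)
    server.shutdown()
```

To run it against a real deployment, drop the stub and pass your server's address and proxy port to `audit_blocklist` along with your own site lists.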