A reverse proxy web server provides a public facing interface for internal services. Requests to the client are forwarded to the appropriate service, responses are then relied back to the client.
Benefits:
- Avoids exposure of internal services and allows control of ingress (e.g. using fail2ban)
- SSL termination which avoids needing to install certificates on each server
- Caching and static content serving
traefik is my personal favorite for a web proxy currently, providing easy Docker container support.