Proxy servers can be set up to work in lots of different ways. It’s important to understand exactly how your proxy is operating to ensure that it meets your privacy and security needs.
Proxy Connection Protocols
To begin with, it’s important to note the different connection protocols that a proxy server might use. This refers to the set of commands issued between your browser and the proxy server.
There are three types of connection protocol behind the most commonly used proxy servers:
An HTTP proxy is a simple method of using a remote server to grab a web page via an unencrypted connection.
When using an HTTP proxy, your browser will send a GET request to the proxy server, which will forward this request to the server of the website you’re trying to access.
The web server will only see the proxy connection, and will answer to it as if it was your browser. The proxy will then receive this response and forward it back to you.
This is a fairly transparent process that is not far from communicating with the web server directly. However, it is possible for the proxy owner to add or change content within the data stream. This means you might receive unwelcome advertisements or even malware.
While this kind of proxy will hide your identity and IP from the website you’re visiting, the proxy itself will see everything you do because your data isn’t protected by HTTPS.
HTTPS is the secure extension of the HTTP protocol. As the name suggests, HTTPS proxies work with the HTTPS protocol to send data over the internet.
The same process takes place as with the HTTP proxy, but the data between your computer and the proxy server is protected by TLS encryption.
Anyone with access to your network — including your ISP — will be able to see the domains you are accessing, but not the specific URLs you visit.
While HTTPS proxies can be useful, they are only designed to handle HTTP and HTTPS connections, which make them less functional than a SOCKS proxy.
SOCKS proxies are more flexible than HTTP or HTTPS proxies. They can handle routing data from a multitude of different sources including HTTP, HTTPS, SMTP (email) and FTP (torrenting).
SOCKS5 is the most recent version of SOCKS. Unlike its predecessors it supports encryption, and also offers authentication methods which provide an additional layer of security.
Username and password authentication is available with SOCKS5, as well as GSS – API authentication. If configured correctly, this means that only authorized users can access a given server.
While SOCKS5 is more flexible and secure than other types of proxy server, it does take a lot more effort to set up. Unless you’re a hardcore torrent user, you might find the time and hassle required to set up and use SOCKS is excessive compared to the simplicity of a VPN.
That said, a small number of VPNs now provide SOCKS5 proxy servers as part of their service. This gives you the luxury of being able to easily choose between a VPN server or a SOCKS5 proxy server.
A transparent proxy will tell the destination website that it is a proxy server. It will still forward your real IP address, which means the website you are visiting will be able to identify your true location.
Transparent proxies are not typically used by consumers for this reason. They’re usually put in place by libraries, businesses, and schools who use the proxy for content filtering or activity monitoring. They can also be used on public wifi to stop users accessing content that would take up too much bandwidth.
Proxy Server Configurations
Proxy servers can configure these protocols in various different ways. Each of these configurations offer a significantly different experience in terms of privacy and security.
1Private and Dedicated Proxy
A private proxy server can only be used by one person at a time. A dedicated proxy is simply a private proxy with a set IP address that never changes. The main goal of these tools is to hide your personal IP address.
Because they can only be used by one party, both private and dedicated proxy servers usually come at a cost.
2Shared and Public Proxy
A shared proxy is a collection of private proxy IP addresses that multiple people can use at once. This is a cheaper alternative to a private proxy because the cost is usually shared amongst a number of users.
Public proxies are also used by multiple people, but they are free to use and much less secure. These proxies have some major security risks. Firstly, you’re sharing a service with an unlimited number of strangers, any of whom could be using the service to conduct illegal activity.
The owner of the public proxy can also easily misuse the data of the users who connect to it. They could sell it to advertisers, or even pass it over to authorities.
In short, you have no idea what could be happening to your data once it reaches the proxy server. For this reason, it’s best to avoid public proxies.
Web proxies allow you to use a browser-based form to navigate to a blocked web page or hide your IP from a website. Many of these services are also public proxies.
An example of a web proxy can be seen below. This particular example is hosted by Hide.me and allows users to pick the location of their proxy server before routing their data through it.
Screenshot from Hide.me’s web proxy service.
The downside to this type of proxy is usability. Pages rendered through web proxies sometimes appear mangled or lack their original functionality. Because they’re free and shared, you will almost certainly be hit with slow speeds and advertising when using web proxy services.
These proxies can be handy for visiting a blocked website that doesn’t involve sensitive data. However, they offer similar risks to a public proxy and their general functionality is poor.
4Residential and Data Center Proxies
A residential proxy uses an IP address provided by an Internet Service Provider (ISP), not a data center. These addresses are tied to an actual physical device like a mobile phone or desktop computer.
When using a residential proxy, the website you’re connecting to will be unable to tell you’re using a proxy, because it will appear as if you’re connecting through a normal IP. Security systems will usually place more trust in residential IPs because they are assigned only to real residential addresses.
Data Center proxies, on the other hand, provide private IP addresses that come from a third party corporation and are not affiliated with an Internet Service Provider (ISP).
Datacenter IPs are often easier to acquire than residential IPs. The IP addresses in a datacenter also tend to be very similar (e.g. each IP address going up in ascending order). For this reason, it’s often more obvious that they’re being used as a proxy, which can lead to blocking.