[{"data":1,"prerenderedAt":1261},["ShallowReactive",2],{"blog-en-guide-to-setting-up-a-proxy-server-on-linux":3,"blog-langs-guide-to-setting-up-a-proxy-server-on-linux":1256},{"id":4,"title":5,"author":6,"authorRole":7,"body":8,"category":1239,"cover":41,"date":1240,"description":1241,"draft":1242,"extension":1243,"featured":1242,"hreflang":1244,"lang":1245,"meta":1246,"navigation":1248,"path":1249,"readMinutes":1250,"seo":1251,"slug":1252,"stem":1253,"tags":1254,"__hash__":1255},"blog\u002Fblog\u002Fen\u002Fguide-to-setting-up-a-proxy-server-on-linux.md","Guide to Setting Up a Proxy Server on Linux","EProxies Data Solutions Team","Public-web data collection research",{"type":9,"value":10,"toc":1197},"minimark",[11,19,26,31,34,45,52,63,84,88,93,96,102,105,109,112,118,121,125,181,191,195,198,201,223,226,264,267,283,286,306,309,313,317,320,352,355,375,379,382,397,400,429,440,444,447,468,475,495,498,507,510,527,531,534,589,592,631,637,641,644,665,668,704,711,715,718,722,725,744,747,785,789,792,796,799,816,823,827,830,834,837,841,844,869,872,876,879,883,886,890,893,922,925,984,997,1001,1005,1008,1038,1041,1064,1068,1075,1089,1092,1108,1112,1115,1119,1126,1130,1134,1137,1141,1165,1169,1172,1176,1179,1183,1186,1190,1193],[12,13,14,18],"p",{},[15,16,17],"strong",{},"TL;DR:"," Set up a Linux proxy server with Squid for HTTP(S) traffic, secure it with ACLs, authentication, firewall rules, and regular patching, then monitor logs, latency, CPU, memory, disk I\u002FO, and upstream errors. For residential routing, EProxies supports HTTP(S)\u002FSOCKS5, 72M+ residential IPs in 195+ countries, 98.2% uptime, and pricing from $0.25\u002FGB.",[12,20,21],{},[22,23],"img",{"alt":24,"src":25},"Set Up Proxy Server on Linux","\u002Fblog-diagrams\u002Fguide-to-setting-up-a-proxy-server-on-linux.en.svg",[27,28,30],"h2",{"id":29},"introduction-to-proxy-servers-on-linux","Introduction to Proxy Servers on Linux",[12,32,33],{},"A Linux proxy server sits between a client and the internet. It forwards requests, applies access rules, can cache repeated content, and gives teams one controlled point for outbound traffic.",[35,36,42],"pre",{"className":37,"code":39,"language":40,"meta":41},[38],"language-text","Client\u002FApp → Linux Proxy Server → Target Website\u002FAPI\n","text","",[43,44,39],"code",{"__ignoreMap":41},[12,46,47,48,51],{},"Linux is a strong proxy platform because it is stable, scriptable, and works well with Squid, Nginx, HAProxy, Dante, firewall rules, and monitoring tools. Squid is one of the most common forward proxy choices because it supports caching, ACLs, authentication, logging, and bandwidth controls. Its default proxy port is usually ",[43,49,50],{},"3128",".",[12,53,54,55,58,59,62],{},"In our validation pass for this guide, we tested a basic Squid setup on Ubuntu and Rocky Linux: package installation, username-password authentication, firewall access, ",[43,56,57],{},"curl"," requests through the proxy, and log checks in ",[43,60,61],{},"\u002Fvar\u002Flog\u002Fsquid\u002Faccess.log",". The steps below reflect that practical flow.",[12,64,65,66,71,72,75,76,79,80,51],{},"For public web data collection, localization testing, ad verification, and market research, you can also route Linux proxy traffic through an upstream residential proxy network. EProxies provides ",[67,68,70],"a",{"href":69},"\u002Fresidential-proxies","residential proxies"," with ",[15,73,74],{},"72M+ IPs across 195+ countries",", ",[15,77,78],{},"HTTP(S)\u002FSOCKS5",", rotating and sticky sessions, and plans ",[67,81,83],{"href":82},"\u002Fpricing","from $0.25\u002FGB",[27,85,87],{"id":86},"proxy-types-you-should-understand","Proxy Types You Should Understand",[89,90,92],"h3",{"id":91},"forward-proxy","Forward proxy",[12,94,95],{},"A forward proxy handles outbound traffic from clients.",[35,97,100],{"className":98,"code":99,"language":40,"meta":41},[38],"Internal client → Forward proxy → Website\u002FAPI\n",[43,101,99],{"__ignoreMap":41},[12,103,104],{},"Use it for centralized browsing control, logging, caching, API access management, or routing compliant public data collection through controlled exits.",[89,106,108],{"id":107},"reverse-proxy","Reverse proxy",[12,110,111],{},"A reverse proxy sits in front of your own servers.",[35,113,116],{"className":114,"code":115,"language":40,"meta":41},[38],"User → Reverse proxy → App server\n",[43,117,115],{"__ignoreMap":41},[12,119,120],{},"It is commonly used for TLS termination, load balancing, rate limiting, and protecting backend services from direct exposure.",[89,122,124],{"id":123},"https-vs-socks5","HTTP(S) vs. SOCKS5",[126,127,128,144],"table",{},[129,130,131],"thead",{},[132,133,134,138,141],"tr",{},[135,136,137],"th",{},"Type",[135,139,140],{},"Best for",[135,142,143],{},"Notes",[145,146,147,159,170],"tbody",{},[132,148,149,153,156],{},[150,151,152],"td",{},"HTTP",[150,154,155],{},"Standard web requests",[150,157,158],{},"Easy to configure and inspect",[132,160,161,164,167],{},[150,162,163],{},"HTTPS",[150,165,166],{},"Encrypted web traffic",[150,168,169],{},"Common for APIs and browsers",[132,171,172,175,178],{},[150,173,174],{},"SOCKS5",[150,176,177],{},"Flexible app routing",[150,179,180],{},"Works beyond HTTP-only traffic",[12,182,183,184,187,188,190],{},"EProxies supports both ",[15,185,186],{},"HTTP(S)"," and ",[15,189,174],{},", so you can match the protocol to your application rather than forcing every workload through one mode.",[27,192,194],{"id":193},"before-you-install-anything","Before You Install Anything",[12,196,197],{},"Define the proxy’s role first. A small team browsing proxy, a scraping gateway, a reverse proxy, and a caching layer have different security and performance requirements.",[12,199,200],{},"Prepare the server with:",[202,203,204,208,211,214,217,220],"ul",{},[205,206,207],"li",{},"Ubuntu, Debian, CentOS, Rocky, AlmaLinux, or another maintained Linux distribution",[205,209,210],{},"Root or sudo access",[205,212,213],{},"Updated packages",[205,215,216],{},"A stable IP address or private network address",[205,218,219],{},"Time sync enabled for accurate logs",[205,221,222],{},"Only required ports open in the firewall",[12,224,225],{},"Update the system:",[35,227,231],{"className":228,"code":229,"language":230,"meta":41,"style":41},"language-bash shiki shiki-themes github-light","sudo apt update && sudo apt upgrade -y\n","bash",[43,232,233],{"__ignoreMap":41},[234,235,238,242,246,249,253,255,257,260],"span",{"class":236,"line":237},"line",1,[234,239,241],{"class":240},"s7eDp","sudo",[234,243,245],{"class":244},"sYBdl"," apt",[234,247,248],{"class":244}," update",[234,250,252],{"class":251},"sgsFI"," && ",[234,254,241],{"class":240},[234,256,245],{"class":244},[234,258,259],{"class":244}," upgrade",[234,261,263],{"class":262},"sYu0t"," -y\n",[12,265,266],{},"Or on RHEL-compatible systems:",[35,268,270],{"className":228,"code":269,"language":230,"meta":41,"style":41},"sudo dnf update -y\n",[43,271,272],{"__ignoreMap":41},[234,273,274,276,279,281],{"class":236,"line":237},[234,275,241],{"class":240},[234,277,278],{"class":244}," dnf",[234,280,248],{"class":244},[234,282,263],{"class":262},[12,284,285],{},"Also decide:",[202,287,288,291,294,297,300,303],{},[205,289,290],{},"Who can use the proxy",[205,292,293],{},"Which source IPs are trusted",[205,295,296],{},"Whether authentication is required",[205,298,299],{},"Which ports and domains are allowed",[205,301,302],{},"How logs will be stored and rotated",[205,304,305],{},"What request rates are acceptable",[12,307,308],{},"For web data collection, use proxies responsibly: respect target site terms, applicable laws, and robots guidance where relevant. Proxies should improve routing and reliability, not enable abusive traffic.",[27,310,312],{"id":311},"step-by-step-set-up-squid-on-ubuntu-or-centos","Step-by-Step: Set Up Squid on Ubuntu or CentOS",[89,314,316],{"id":315},"_1-install-squid","1. Install Squid",[12,318,319],{},"On Ubuntu or Debian:",[35,321,323],{"className":228,"code":322,"language":230,"meta":41,"style":41},"sudo apt update\nsudo apt install squid apache2-utils -y\n",[43,324,325,334],{"__ignoreMap":41},[234,326,327,329,331],{"class":236,"line":237},[234,328,241],{"class":240},[234,330,245],{"class":244},[234,332,333],{"class":244}," update\n",[234,335,337,339,341,344,347,350],{"class":236,"line":336},2,[234,338,241],{"class":240},[234,340,245],{"class":244},[234,342,343],{"class":244}," install",[234,345,346],{"class":244}," squid",[234,348,349],{"class":244}," apache2-utils",[234,351,263],{"class":262},[12,353,354],{},"On CentOS, Rocky, AlmaLinux, or RHEL-compatible systems:",[35,356,358],{"className":228,"code":357,"language":230,"meta":41,"style":41},"sudo dnf install squid httpd-tools -y\n",[43,359,360],{"__ignoreMap":41},[234,361,362,364,366,368,370,373],{"class":236,"line":237},[234,363,241],{"class":240},[234,365,278],{"class":244},[234,367,343],{"class":244},[234,369,346],{"class":244},[234,371,372],{"class":244}," httpd-tools",[234,374,263],{"class":262},[89,376,378],{"id":377},"_2-configure-basic-access-rules","2. Configure basic access rules",[12,380,381],{},"Open the Squid configuration file:",[35,383,385],{"className":228,"code":384,"language":230,"meta":41,"style":41},"sudo nano \u002Fetc\u002Fsquid\u002Fsquid.conf\n",[43,386,387],{"__ignoreMap":41},[234,388,389,391,394],{"class":236,"line":237},[234,390,241],{"class":240},[234,392,393],{"class":244}," nano",[234,395,396],{"class":244}," \u002Fetc\u002Fsquid\u002Fsquid.conf\n",[12,398,399],{},"Add or adjust rules like this, replacing the subnet with your trusted network:",[35,401,405],{"className":402,"code":403,"language":404,"meta":41,"style":41},"language-conf shiki shiki-themes github-light","acl local_clients src 192.168.1.0\u002F24\nhttp_access allow local_clients\nhttp_access deny all\nhttp_port 3128\n","conf",[43,406,407,412,417,423],{"__ignoreMap":41},[234,408,409],{"class":236,"line":237},[234,410,411],{},"acl local_clients src 192.168.1.0\u002F24\n",[234,413,414],{"class":236,"line":336},[234,415,416],{},"http_access allow local_clients\n",[234,418,420],{"class":236,"line":419},3,[234,421,422],{},"http_access deny all\n",[234,424,426],{"class":236,"line":425},4,[234,427,428],{},"http_port 3128\n",[12,430,431,432,435,436,439],{},"This allows only clients from ",[43,433,434],{},"192.168.1.0\u002F24"," and denies everything else. That final ",[43,437,438],{},"deny all"," is important because an exposed open proxy can be abused quickly.",[89,441,443],{"id":442},"_3-add-username-password-authentication","3. Add username-password authentication",[12,445,446],{},"Create a password file:",[35,448,450],{"className":228,"code":449,"language":230,"meta":41,"style":41},"sudo htpasswd -c \u002Fetc\u002Fsquid\u002Fpasswd proxyuser\n",[43,451,452],{"__ignoreMap":41},[234,453,454,456,459,462,465],{"class":236,"line":237},[234,455,241],{"class":240},[234,457,458],{"class":244}," htpasswd",[234,460,461],{"class":262}," -c",[234,463,464],{"class":244}," \u002Fetc\u002Fsquid\u002Fpasswd",[234,466,467],{"class":244}," proxyuser\n",[12,469,470,471,474],{},"Add these lines to ",[43,472,473],{},"squid.conf",":",[35,476,478],{"className":402,"code":477,"language":404,"meta":41,"style":41},"auth_param basic program \u002Fusr\u002Flib\u002Fsquid\u002Fbasic_ncsa_auth \u002Fetc\u002Fsquid\u002Fpasswd\nacl authenticated proxy_auth REQUIRED\nhttp_access allow authenticated\n",[43,479,480,485,490],{"__ignoreMap":41},[234,481,482],{"class":236,"line":237},[234,483,484],{},"auth_param basic program \u002Fusr\u002Flib\u002Fsquid\u002Fbasic_ncsa_auth \u002Fetc\u002Fsquid\u002Fpasswd\n",[234,486,487],{"class":236,"line":336},[234,488,489],{},"acl authenticated proxy_auth REQUIRED\n",[234,491,492],{"class":236,"line":419},[234,493,494],{},"http_access allow authenticated\n",[12,496,497],{},"On some CentOS\u002FRHEL-based systems, the helper path may be:",[35,499,501],{"className":402,"code":500,"language":404,"meta":41,"style":41},"\u002Fusr\u002Flib64\u002Fsquid\u002Fbasic_ncsa_auth\n",[43,502,503],{"__ignoreMap":41},[234,504,505],{"class":236,"line":237},[234,506,500],{},[12,508,509],{},"Before restarting, test the configuration syntax:",[35,511,513],{"className":228,"code":512,"language":230,"meta":41,"style":41},"sudo squid -k parse\n",[43,514,515],{"__ignoreMap":41},[234,516,517,519,521,524],{"class":236,"line":237},[234,518,241],{"class":240},[234,520,346],{"class":244},[234,522,523],{"class":262}," -k",[234,525,526],{"class":244}," parse\n",[89,528,530],{"id":529},"_4-open-the-firewall-and-start-squid","4. Open the firewall and start Squid",[12,532,533],{},"Ubuntu:",[35,535,537],{"className":228,"code":536,"language":230,"meta":41,"style":41},"sudo ufw allow from 192.168.1.0\u002F24 to any port 3128 proto tcp\nsudo systemctl enable --now squid\n",[43,538,539,573],{"__ignoreMap":41},[234,540,541,543,546,549,552,555,558,561,564,567,570],{"class":236,"line":237},[234,542,241],{"class":240},[234,544,545],{"class":244}," ufw",[234,547,548],{"class":244}," allow",[234,550,551],{"class":244}," from",[234,553,554],{"class":244}," 192.168.1.0\u002F24",[234,556,557],{"class":244}," to",[234,559,560],{"class":244}," any",[234,562,563],{"class":244}," port",[234,565,566],{"class":262}," 3128",[234,568,569],{"class":244}," proto",[234,571,572],{"class":244}," tcp\n",[234,574,575,577,580,583,586],{"class":236,"line":336},[234,576,241],{"class":240},[234,578,579],{"class":244}," systemctl",[234,581,582],{"class":244}," enable",[234,584,585],{"class":262}," --now",[234,587,588],{"class":244}," squid\n",[12,590,591],{},"CentOS\u002FRocky\u002FAlmaLinux:",[35,593,595],{"className":228,"code":594,"language":230,"meta":41,"style":41},"sudo firewall-cmd --permanent --add-port=3128\u002Ftcp\nsudo firewall-cmd --reload\nsudo systemctl enable --now squid\n",[43,596,597,610,619],{"__ignoreMap":41},[234,598,599,601,604,607],{"class":236,"line":237},[234,600,241],{"class":240},[234,602,603],{"class":244}," firewall-cmd",[234,605,606],{"class":262}," --permanent",[234,608,609],{"class":262}," --add-port=3128\u002Ftcp\n",[234,611,612,614,616],{"class":236,"line":336},[234,613,241],{"class":240},[234,615,603],{"class":244},[234,617,618],{"class":262}," --reload\n",[234,620,621,623,625,627,629],{"class":236,"line":419},[234,622,241],{"class":240},[234,624,579],{"class":244},[234,626,582],{"class":244},[234,628,585],{"class":262},[234,630,588],{"class":244},[12,632,633,634,636],{},"For stronger security, restrict the firewall to known source IPs instead of opening ",[43,635,50],{}," to the public internet.",[89,638,640],{"id":639},"_5-test-the-proxy","5. Test the proxy",[12,642,643],{},"Run:",[35,645,647],{"className":228,"code":646,"language":230,"meta":41,"style":41},"curl -x http:\u002F\u002Fproxyuser:password@SERVER_IP:3128 https:\u002F\u002Fexample.com -I\n",[43,648,649],{"__ignoreMap":41},[234,650,651,653,656,659,662],{"class":236,"line":237},[234,652,57],{"class":240},[234,654,655],{"class":262}," -x",[234,657,658],{"class":244}," http:\u002F\u002Fproxyuser:password@SERVER_IP:3128",[234,660,661],{"class":244}," https:\u002F\u002Fexample.com",[234,663,664],{"class":262}," -I\n",[12,666,667],{},"Then check logs:",[35,669,671],{"className":228,"code":670,"language":230,"meta":41,"style":41},"sudo tail -f \u002Fvar\u002Flog\u002Fsquid\u002Faccess.log\nsudo journalctl -u squid --since \"10 minutes ago\"\n",[43,672,673,686],{"__ignoreMap":41},[234,674,675,677,680,683],{"class":236,"line":237},[234,676,241],{"class":240},[234,678,679],{"class":244}," tail",[234,681,682],{"class":262}," -f",[234,684,685],{"class":244}," \u002Fvar\u002Flog\u002Fsquid\u002Faccess.log\n",[234,687,688,690,693,696,698,701],{"class":236,"line":336},[234,689,241],{"class":240},[234,691,692],{"class":244}," journalctl",[234,694,695],{"class":262}," -u",[234,697,346],{"class":244},[234,699,700],{"class":262}," --since",[234,702,703],{"class":244}," \"10 minutes ago\"\n",[12,705,706,707,710],{},"A successful test should show the request in ",[43,708,709],{},"access.log"," and return HTTP headers from the target site.",[27,712,714],{"id":713},"security-best-practices-for-linux-proxy-servers","Security Best Practices for Linux Proxy Servers",[12,716,717],{},"A proxy server should never be treated as “install and forget” infrastructure. Harden it from the first configuration.",[89,719,721],{"id":720},"restrict-access","Restrict access",[12,723,724],{},"Use Squid ACLs and firewall rules together:",[35,726,728],{"className":402,"code":727,"language":404,"meta":41,"style":41},"acl trusted_clients src 10.0.0.0\u002F24\nhttp_access allow trusted_clients\nhttp_access deny all\n",[43,729,730,735,740],{"__ignoreMap":41},[234,731,732],{"class":236,"line":237},[234,733,734],{},"acl trusted_clients src 10.0.0.0\u002F24\n",[234,736,737],{"class":236,"line":336},[234,738,739],{},"http_access allow trusted_clients\n",[234,741,742],{"class":236,"line":419},[234,743,422],{},[12,745,746],{},"Then limit access at the firewall:",[35,748,750],{"className":228,"code":749,"language":230,"meta":41,"style":41},"sudo ufw allow from 10.0.0.0\u002F24 to any port 3128\nsudo ufw deny 3128\n",[43,751,752,774],{"__ignoreMap":41},[234,753,754,756,758,760,762,765,767,769,771],{"class":236,"line":237},[234,755,241],{"class":240},[234,757,545],{"class":244},[234,759,548],{"class":244},[234,761,551],{"class":244},[234,763,764],{"class":244}," 10.0.0.0\u002F24",[234,766,557],{"class":244},[234,768,560],{"class":244},[234,770,563],{"class":244},[234,772,773],{"class":262}," 3128\n",[234,775,776,778,780,783],{"class":236,"line":336},[234,777,241],{"class":240},[234,779,545],{"class":244},[234,781,782],{"class":244}," deny",[234,784,773],{"class":262},[89,786,788],{"id":787},"require-authentication","Require authentication",[12,790,791],{},"Use username-password authentication for shared access and IP allowlisting for servers or fixed office networks. If routing through EProxies, you can use username-password authentication or IP whitelist authentication with HTTP(S) or SOCKS5.",[89,793,795],{"id":794},"reduce-data-exposure","Reduce data exposure",[12,797,798],{},"Avoid logging sensitive query strings where possible. Restrict log permissions:",[35,800,802],{"className":228,"code":801,"language":230,"meta":41,"style":41},"sudo chmod 640 \u002Fvar\u002Flog\u002Fsquid\u002Faccess.log\n",[43,803,804],{"__ignoreMap":41},[234,805,806,808,811,814],{"class":236,"line":237},[234,807,241],{"class":240},[234,809,810],{"class":244}," chmod",[234,812,813],{"class":262}," 640",[234,815,685],{"class":244},[12,817,818,819,822],{},"Rotate logs with ",[43,820,821],{},"logrotate",", remove old credentials, and avoid placing proxy passwords directly in shared scripts or repositories.",[89,824,826],{"id":825},"patch-and-review-regularly","Patch and review regularly",[12,828,829],{},"Keep Linux packages, Squid, authentication helpers, and firewall tools updated. Review ACLs after team or infrastructure changes so old networks and users do not retain access.",[27,831,833],{"id":832},"performance-tuning-and-reliability","Performance Tuning and Reliability",[12,835,836],{},"Performance depends on workload, distance, DNS, cache behavior, server resources, and upstream quality. For a Linux forward proxy, start with these practical tuning areas.",[89,838,840],{"id":839},"tune-cache-settings-for-repeat-traffic","Tune cache settings for repeat traffic",[12,842,843],{},"For workloads with repeated requests, Squid caching can reduce bandwidth and improve response time:",[35,845,847],{"className":402,"code":846,"language":404,"meta":41,"style":41},"cache_mem 512 MB\nmaximum_object_size 64 MB\ncache_dir ufs \u002Fvar\u002Fspool\u002Fsquid 10000 16 256\nrefresh_pattern . 1440 20% 10080\n",[43,848,849,854,859,864],{"__ignoreMap":41},[234,850,851],{"class":236,"line":237},[234,852,853],{},"cache_mem 512 MB\n",[234,855,856],{"class":236,"line":336},[234,857,858],{},"maximum_object_size 64 MB\n",[234,860,861],{"class":236,"line":419},[234,862,863],{},"cache_dir ufs \u002Fvar\u002Fspool\u002Fsquid 10000 16 256\n",[234,865,866],{"class":236,"line":425},[234,867,868],{},"refresh_pattern . 1440 20% 10080\n",[12,870,871],{},"Do not cache sensitive, user-specific, or compliance-restricted content.",[89,873,875],{"id":874},"watch-system-limits","Watch system limits",[12,877,878],{},"High-volume proxies can hit limits before CPU appears fully used. Monitor file descriptors, connection counts, disk I\u002FO, memory, and DNS latency. If one server becomes a bottleneck, split traffic across multiple proxy nodes or use load balancing.",[89,880,882],{"id":881},"choose-the-right-session-strategy","Choose the right session strategy",[12,884,885],{},"Use rotating sessions when requests should be distributed. Use sticky sessions when login continuity, cart flows, or location consistency matter. EProxies supports both rotating and sticky sessions across a residential proxy pool in 195+ countries.",[27,887,889],{"id":888},"monitoring-and-maintenance","Monitoring and Maintenance",[12,891,892],{},"Monitor both the proxy application and the Linux host. At minimum, track:",[202,894,895,898,901,904,907,910,913,916,919],{},[205,896,897],{},"Squid service status",[205,899,900],{},"Listening port availability",[205,902,903],{},"Access logs and cache logs",[205,905,906],{},"CPU, RAM, disk usage, and disk I\u002FO",[205,908,909],{},"Bandwidth and connection counts",[205,911,912],{},"Cache HIT\u002FMISS ratios",[205,914,915],{},"Authentication failures",[205,917,918],{},"DNS errors and upstream timeouts",[205,920,921],{},"HTTP 403, 407, 429, and 5xx spikes",[12,923,924],{},"Useful quick checks:",[35,926,928],{"className":228,"code":927,"language":230,"meta":41,"style":41},"systemctl status squid\nss -lntp | grep 3128\nsudo tail -f \u002Fvar\u002Flog\u002Fsquid\u002Faccess.log\nsudo tail -f \u002Fvar\u002Flog\u002Fsquid\u002Fcache.log\nhtop\n",[43,929,930,940,957,967,978],{"__ignoreMap":41},[234,931,932,935,938],{"class":236,"line":237},[234,933,934],{"class":240},"systemctl",[234,936,937],{"class":244}," status",[234,939,588],{"class":244},[234,941,942,945,948,952,955],{"class":236,"line":336},[234,943,944],{"class":240},"ss",[234,946,947],{"class":262}," -lntp",[234,949,951],{"class":950},"sD7c4"," |",[234,953,954],{"class":240}," grep",[234,956,773],{"class":262},[234,958,959,961,963,965],{"class":236,"line":419},[234,960,241],{"class":240},[234,962,679],{"class":244},[234,964,682],{"class":262},[234,966,685],{"class":244},[234,968,969,971,973,975],{"class":236,"line":425},[234,970,241],{"class":240},[234,972,679],{"class":244},[234,974,682],{"class":262},[234,976,977],{"class":244}," \u002Fvar\u002Flog\u002Fsquid\u002Fcache.log\n",[234,979,981],{"class":236,"line":980},5,[234,982,983],{"class":240},"htop\n",[12,985,986,987,75,990,993,994,996],{},"For ongoing monitoring, use tools such as Prometheus + Grafana, Netdata, Zabbix, Nagios, Uptime Kuma, ",[43,988,989],{},"iftop",[43,991,992],{},"vnStat",", and ",[43,995,821],{},". If your Linux server routes requests through EProxies, also monitor upstream response time, success rate, session behavior, and bandwidth usage in your account dashboard.",[27,998,1000],{"id":999},"troubleshooting-common-issues","Troubleshooting Common Issues",[89,1002,1004],{"id":1003},"clients-cannot-connect","Clients cannot connect",[12,1006,1007],{},"Check that Squid is running and listening:",[35,1009,1011],{"className":228,"code":1010,"language":230,"meta":41,"style":41},"sudo systemctl status squid\nsudo ss -lntp | grep 3128\n",[43,1012,1013,1023],{"__ignoreMap":41},[234,1014,1015,1017,1019,1021],{"class":236,"line":237},[234,1016,241],{"class":240},[234,1018,579],{"class":244},[234,1020,937],{"class":244},[234,1022,588],{"class":244},[234,1024,1025,1027,1030,1032,1034,1036],{"class":236,"line":336},[234,1026,241],{"class":240},[234,1028,1029],{"class":244}," ss",[234,1031,947],{"class":262},[234,1033,951],{"class":950},[234,1035,954],{"class":240},[234,1037,773],{"class":262},[12,1039,1040],{},"Then review firewall rules:",[35,1042,1044],{"className":228,"code":1043,"language":230,"meta":41,"style":41},"sudo ufw status\nsudo firewall-cmd --list-ports\n",[43,1045,1046,1055],{"__ignoreMap":41},[234,1047,1048,1050,1052],{"class":236,"line":237},[234,1049,241],{"class":240},[234,1051,545],{"class":244},[234,1053,1054],{"class":244}," status\n",[234,1056,1057,1059,1061],{"class":236,"line":336},[234,1058,241],{"class":240},[234,1060,603],{"class":244},[234,1062,1063],{"class":262}," --list-ports\n",[89,1065,1067],{"id":1066},"authentication-fails","Authentication fails",[12,1069,1070,1071,1074],{},"Confirm the password file exists, the helper path is correct, and the ",[43,1072,1073],{},"http_access"," rules are ordered properly. Run:",[35,1076,1077],{"className":228,"code":512,"language":230,"meta":41,"style":41},[43,1078,1079],{"__ignoreMap":41},[234,1080,1081,1083,1085,1087],{"class":236,"line":237},[234,1082,241],{"class":240},[234,1084,346],{"class":244},[234,1086,523],{"class":262},[234,1088,526],{"class":244},[12,1090,1091],{},"Then reload Squid:",[35,1093,1095],{"className":228,"code":1094,"language":230,"meta":41,"style":41},"sudo systemctl reload squid\n",[43,1096,1097],{"__ignoreMap":41},[234,1098,1099,1101,1103,1106],{"class":236,"line":237},[234,1100,241],{"class":240},[234,1102,579],{"class":244},[234,1104,1105],{"class":244}," reload",[234,1107,588],{"class":244},[89,1109,1111],{"id":1110},"performance-is-slow","Performance is slow",[12,1113,1114],{},"Check CPU, memory, disk I\u002FO, DNS latency, cache settings, and upstream proxy response time. Also review whether too many clients are using one server or whether request rates are causing target-side throttling.",[89,1116,1118],{"id":1117},"connections-drop-under-load","Connections drop under load",[12,1120,1121,1122,1125],{},"Inspect ",[43,1123,1124],{},"\u002Fvar\u002Flog\u002Fsquid\u002Fcache.log"," for timeout, DNS, and file descriptor errors. If the workload needs stable identity, switch from rotating sessions to sticky sessions. If it needs scale, distribute traffic across more proxy nodes.",[27,1127,1129],{"id":1128},"faq","FAQ",[89,1131,1133],{"id":1132},"how-can-you-enhance-security-while-configuring-a-proxy-server","How can you enhance security while configuring a proxy server?",[12,1135,1136],{},"Enhance proxy security by combining Squid ACLs, firewall source restrictions, username-password authentication, IP allowlists, and a default-deny access policy. Keep the Linux host and proxy software patched, allow only required ports, rotate credentials, and restrict log access so sensitive data is not exposed. If you use EProxies as an upstream residential provider, choose HTTP(S) or SOCKS5 with username-password or IP whitelist authentication based on your application and risk model.",[89,1138,1140],{"id":1139},"what-tools-can-be-used-to-monitor-and-maintain-a-proxy-server","What tools can be used to monitor and maintain a proxy server?",[12,1142,1143,1144,75,1146,75,1149,75,1151,75,1154,75,1156,993,1158,1160,1161,1164],{},"Use Squid logs, ",[43,1145,934],{},[43,1147,1148],{},"journalctl",[43,1150,944],{},[43,1152,1153],{},"htop",[43,1155,989],{},[43,1157,992],{},[43,1159,821],{}," for local monitoring and maintenance. For production visibility, use Prometheus + Grafana, Netdata, Zabbix, Nagios, or Uptime Kuma to track uptime, latency, CPU, memory, disk I\u002FO, bandwidth, error rates, and port availability. Also test configuration changes with ",[43,1162,1163],{},"squid -k parse"," before reloading the service.",[89,1166,1168],{"id":1167},"what-are-the-best-practices-for-ensuring-high-performance-in-proxy-servers","What are the best practices for ensuring high performance in proxy servers?",[12,1170,1171],{},"Tune cache memory, cache directory size, DNS behavior, connection limits, file descriptor limits, and timeout settings according to real traffic patterns. Monitor latency, error rates, bandwidth, and resource usage continuously, then scale horizontally when one server becomes a bottleneck. For residential routing, use rotating sessions for distribution and sticky sessions for continuity; EProxies offers 72M+ residential IPs across 195+ countries with HTTP(S)\u002FSOCKS5 support and 98.2% uptime.",[89,1173,1175],{"id":1174},"what-are-the-differences-between-forward-and-reverse-proxies-on-linux","What are the differences between forward and reverse proxies on Linux?",[12,1177,1178],{},"A forward proxy handles outbound requests from clients to the internet, commonly for access control, caching, traffic logging, or web data workflows. A reverse proxy handles inbound requests to your own servers and is often used for TLS termination, load balancing, rate limiting, and backend protection.",[89,1180,1182],{"id":1181},"should-i-use-https-or-socks5-for-a-linux-proxy-setup","Should I use HTTP(S) or SOCKS5 for a Linux proxy setup?",[12,1184,1185],{},"Use HTTP(S) for browsers, APIs, and standard web traffic because it is simple to configure and works well with HTTP-aware tools. Use SOCKS5 when an application needs broader TCP-level routing or does not fit neatly into HTTP traffic. EProxies supports both, so the right choice depends on your client application and session requirements.",[89,1187,1189],{"id":1188},"is-it-legal-to-use-a-proxy-server-for-web-scraping-on-linux","Is it legal to use a proxy server for web scraping on Linux?",[12,1191,1192],{},"Proxy use itself is not automatically illegal, but legality depends on the data, target site terms, request behavior, and applicable laws. Use rate limits, avoid collecting sensitive personal data without a lawful basis, and respect access rules and robots guidance where applicable.",[1194,1195,1196],"style",{},"html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html pre.shiki code .s7eDp, html code.shiki .s7eDp{--shiki-default:#6F42C1}html pre.shiki code .sYBdl, html code.shiki .sYBdl{--shiki-default:#032F62}html pre.shiki code .sgsFI, html code.shiki .sgsFI{--shiki-default:#24292E}html pre.shiki code .sYu0t, html code.shiki .sYu0t{--shiki-default:#005CC5}html pre.shiki code .sD7c4, html code.shiki .sD7c4{--shiki-default:#D73A49}",{"title":41,"searchDepth":336,"depth":336,"links":1198},[1199,1200,1205,1206,1213,1219,1224,1225,1231],{"id":29,"depth":336,"text":30},{"id":86,"depth":336,"text":87,"children":1201},[1202,1203,1204],{"id":91,"depth":419,"text":92},{"id":107,"depth":419,"text":108},{"id":123,"depth":419,"text":124},{"id":193,"depth":336,"text":194},{"id":311,"depth":336,"text":312,"children":1207},[1208,1209,1210,1211,1212],{"id":315,"depth":419,"text":316},{"id":377,"depth":419,"text":378},{"id":442,"depth":419,"text":443},{"id":529,"depth":419,"text":530},{"id":639,"depth":419,"text":640},{"id":713,"depth":336,"text":714,"children":1214},[1215,1216,1217,1218],{"id":720,"depth":419,"text":721},{"id":787,"depth":419,"text":788},{"id":794,"depth":419,"text":795},{"id":825,"depth":419,"text":826},{"id":832,"depth":336,"text":833,"children":1220},[1221,1222,1223],{"id":839,"depth":419,"text":840},{"id":874,"depth":419,"text":875},{"id":881,"depth":419,"text":882},{"id":888,"depth":336,"text":889},{"id":999,"depth":336,"text":1000,"children":1226},[1227,1228,1229,1230],{"id":1003,"depth":419,"text":1004},{"id":1066,"depth":419,"text":1067},{"id":1110,"depth":419,"text":1111},{"id":1117,"depth":419,"text":1118},{"id":1128,"depth":336,"text":1129,"children":1232},[1233,1234,1235,1236,1237,1238],{"id":1132,"depth":419,"text":1133},{"id":1139,"depth":419,"text":1140},{"id":1167,"depth":419,"text":1168},{"id":1174,"depth":419,"text":1175},{"id":1181,"depth":419,"text":1182},{"id":1188,"depth":419,"text":1189},"how-tos","2026-07-03","Follow this Linux proxy setup guide to install, secure, tune, and maintain a proxy server with Squid, HTTP(S), SOCKS5, rotation, and monitoring, plus tips.",false,"md","\u002Fzh-cn\u002Fblog\u002Fguide-to-setting-up-a-proxy-server-on-linux","en",{"authorBio":1247},"The EProxies Data Solutions Team helps engineering and analytics teams build compliant public-web data pipelines—covering request distribution, error handling, and respecting target-site terms and applicable laws to keep collection sustainable.",true,"\u002Fblog\u002Fen\u002Fguide-to-setting-up-a-proxy-server-on-linux",13,{"title":5,"description":1241},"guide-to-setting-up-a-proxy-server-on-linux","blog\u002Fen\u002Fguide-to-setting-up-a-proxy-server-on-linux",[5],"m0sTATxXHjb5rm2qwfct-ikA95IWX2cCrPzs8YFF8AI",[1257,1258],{"path":1249,"lang":1245},{"path":1259,"lang":1260},"\u002Fblog\u002Fzh-cn\u002Fguide-to-setting-up-a-proxy-server-on-linux","zh-cn",1783092653150]