How to Set Up a Proxy Server on Linux
One of the key reasons some users choose Linux over other operating systems is its privacy benefits. Linux collects minimal user data when compared to macOS and Windows. You can take this privacy even further by using a web proxy server on your Linux machine. In today’s article, we will discuss how to set up Linux proxy server solutions on popular distros like Ubuntu and Debian. Without wasting any more of your time, let’s jump right into the linux proxy server setup process.
Key Takeaways
- A proxy server sits between your Linux machine and the internet, letting you mask your IP, filter traffic, and cache pages — and you can either route your machine through one or turn it into a proxy yourself.
- HTTP and SOCKS5 are the two protocols you’ll meet most. HTTP covers web traffic and the terminal; SOCKS5 handles almost anything else. We explain when to pick each below.
- Environment variables are the quickest way in. Setting http_proxy and https_proxy tells curl, wget, and your browser which proxy to use, temporarily or permanently.
- A system-wide proxy goes in /etc/environment. This is the most reliable spot when you want every user and service on the machine to use the proxy, including a no_proxy rule for local addresses.
- APT needs its own proxy config. Debian and Ubuntu’s package manager ignores your shell variables, so you set it separately in /etc/apt/apt.conf.d/95proxies — full steps below.
- Squid turns your Linux box into a proxy server. We walk through installing it on Ubuntu/Debian and CentOS/RHEL, editing squid.conf, setting ACLs, and restarting the service.
- SOCKS5 is a one-line SSH tunnel away. For non-web traffic, ssh -D 1080 spins up a secure SOCKS5 proxy you can point your apps and browser at.
- Testing and security come last but matter most. Verify everything with curl and wget, watch your Squid logs, and lock down access with tight ACLs and authentication so no one rides your proxy uninvited.
What Is a Proxy Server on Linux?
A proxy server on Linux acts as a middleman between your machine and the internet. Instead of your applications connecting to a website directly, the request goes through the proxy first, which then forwards it on your behalf. This lets you mask your IP address, filter traffic, cache frequently visited pages, and control what leaves your network.
On Linux you can work with proxies in two ways. You can configure your machine as a client that routes its own traffic through an external proxy, or you can turn your machine into a proxy server itself using a tool like Squid. We will cover both in this guide.
It also helps to know the two protocols you will run into most often:
- HTTP/HTTPS proxy – handles web traffic only. This is what you set through the http_proxy and https_proxy environment variables, and it is the most common choice for browsing, curl, wget, and package managers.
- SOCKS5 proxy – works at a lower level and can route almost any kind of traffic, not just web requests. It is the better option for things like FTP, gaming, or tunneling traffic through SSH.
If you only need to browse or run command-line tools through a proxy, an HTTP proxy is enough. If you need to route other applications too, keep the SOCKS5 method below in mind.
Configuring a Proxy on the Client
The goal of environment variables is to tell your system where to find certain settings, programs, or files. When it comes to proxies, setting up environment variables helps applications like curl, wget, or browsers determine which proxy to use. The procedure for setting up environment variables for the different operating systems varies. Let’s explore the setup process for each SO below;
Setting the http_proxy and https_proxy Variables on Linux
On Linux, the proxy settings most applications read are stored in the http_proxy and https_proxy environment variables. Setting these tells tools like curl, wget, and apt which proxy to send traffic through. Using your Linux terminal, run the commands below.
Using your macOS or linux machine terminal, run these commands:
Temporary Sessions
export http_proxy=http://username:password@proxy-server:port
export https_proxy=http://username:password@proxy-server:portPermanent Session
echo 'export http_proxy="http://username:password@proxy-server:port"' >> ~/.bashrc
echo 'export https_proxy="http://username:password@proxy-server:port"' >> ~/.bashrc
source ~/.bashrc
Where:
- Username and password are your proxy login credentials (if you choose to use authentication)
- Proxy server is the proxy IP address
- Port is the proxy port number
If you are using a Mac, replace .bashrc with .zshrc
Windows Command
On your Windows machine, run these commands using the Windows command prompt:
setx HTTP_PROXY "http://username:password@proxy-server:port"
setx HTTPS_PROXY "http://username:password@proxy-server:port"Installing a Proxy in APT (Debian/Ubuntu)
Step 1: Create the APT configuration file using nano
Run this command in your terminal to create the configuration using the nano editor.
sudo nano /etc/apt/apt.conf.d/95proxiesStep 2: Add the proxy setting to your configuration file
If you intend to use a proxy without authentication, add the following text to the configuration file:
Acquire::http::Proxy "http://proxy-server:port/";
Acquire::https::Proxy "http://proxy-server:port/";If authentication is a requirement, you will need to make a few changes to the above text as shown below.
Acquire::http::Proxy "http://username:password@proxy-server:port/";
Acquire::https::Proxy "http://username:password@proxy-server:port/";Step 3: Save file
Press CTRL+O, ENTER, then CTRL+X to save the file and exit the nano editor. After saving this file, you can run the cat /etc/apt/apt.conf.d/95proxies command to view the file and confirm that it has all the text as required.
Step 4: Install The Proxy
Run these commands in terminal
sudo apt update
sudo apt install squid -yTips to avoid mistakes
- Always run sudo apt update first
- If the installation fails, consider checking your internet connection
- Double check the syntax before running the commands
- Make sure to copy the commands the way they are with all the commas, quotes, and other characters included.
Configuring a Proxy Server (Squid)
Installing Squid
Installing Squid, will use different commands depending on your distribution. Here are the installation commands for some of the most common distributions.
Installing Squid on Ubuntu/Debian
Open terminal and run these commands:
sudo apt update
sudo apt install squid -yInstalling Squid on CentOS/RHEL
Open your terminal and run these command:
sudo yum install squid -yTo check if the squid installation was successful on any of the above distributions, run the squid -v command.
Basic Squid Configuration
After installing squid, you will need to make a couple of configurations to ensure everything works as expected. These are the simple configuration steps:
Step 1: Open the configuration file
Run the sudo nano /etc/squid/squid.conf command to open the file.
Step 2: Add the basic configurations
Once the file opens, scroll to the bottom and add the text below:
http_port 3128
# Allow local network
acl localnet src 192.168.1.0/24
http_access allow localnet
# Deny all other traffic
http_access deny all
Please note that 192.168.1.0/24 is the IP range for your network. So, make sure you replace it with your actual network IP range. After adding the basic configurations to the file, press CTRL+O → ENTER → CTRL+X to save the file and exit the nano editor.
Step 3: Check for errors and Restart Squid
Run the sudo squid -k parse command to check for any errors in the squid configurations. If there are no errors, run the sudo systemctl restart squid command to restart Squid. Restarting applies the above changes.
Checking the Proxy Server
Testing the Proxy Server Locally Using wget and curl
After making the installation and the necessary configurations, it is now time to check if the proxy server actually works. Use the curl and wget commands below to test the server:
curl -x http://localhost:3128 https://google.com
wget -e use_proxy=yes -e http_proxy=http://localhost:3128 http://google.com Verify Logs
Run the sudo tail -f /var/log/squid/access.log to verify the logs. If everything worked as expected, you should observe google.com traffic passing through the proxy server.
Setting Up a SOCKS5 Proxy on Linux
So far we have focused on HTTP proxies, which cover web traffic. If you need to route other kinds of traffic, a SOCKS5 proxy is the more flexible option. The quickest way to create one on Linux is through SSH, which builds a secure SOCKS5 tunnel to a remote server you have access to.
Step 1: Create the SOCKS5 tunnel
Run this command in your terminal:
ssh -D 1080 -q -C -N username@remote-hostHere is what each option does:
- D 1080 opens a SOCKS5 proxy on local port 1080
- q runs SSH quietly
- C enables compression to speed things up
- N tells SSH not to run any remote commands, just hold the tunnel open
Replace username and remote-host with your SSH login and the server’s IP or hostname.
Step 2: Point your application to the proxy
Your SOCKS5 proxy is now running at localhost:1080. You can use it with curl to test it:
curl -x socks5://localhost:1080 https://google.comIn a browser like Firefox, go to Settings -> Network Settings -> Manual Proxy Configuration and set the SOCKS host to localhost with port 1080.
Troubleshooting & Security Tips
Here are some tips to fix common errors:
- Server not working in terminal: To fix this, check environment variables to ensure they are well configured.
- APT failure after setting proxy: Ensure to always run the apt update command first. Also check the syntax for any mistakes
- Squid does not work: Check syntax and restart the service using the sudo systemctl restart squid command.
- Proxy not accessible on other devices: Make sure the port 3128 is open. Check the squid.conf file to confirm.
Some security tips to remember:
- In your squid.conf file, make sure only trusted networks are allowed. Deny everything else
- Fore more security, add the requirement to login before using the proxy
- Always monitor your squid logs for any signs of unauthorized access
Final Thoughts
This article has covered everything you need to know to successfully install a proxy server on your Linux machine. When following the steps, make sure to copy the commands correctly to avoid getting errors due to wrong syntax. Also, understand each step, as this can help in troubleshooting if anything goes wrong. But most importantly, follow the security tips we recommended, especially using the write ACLs to avoid anyone getting unauthorized access to your proxy.
Article written by:
Full Stack AI Engineer
Alexandre brings deep full-stack expertise to Proxywing's engineering efforts — from backend architecture and performance optimization to AI-driven development workflows. His hands-on work spans Node.js, React, cloud infrastructure, and RAG pipelines, giving him a rare ability to tackle both proxy platform internals and user-facing product challenges. At Proxywing, Alexandre focuses on designing resilient systems, eliminating performance bottlenecks, and integrating modern AI tooling into the development process. Outside of coding, he's passionate about exploring the frontiers of AI engineering and building side projects that push his technical boundaries.
All articles by author (43)FAQ
Run echo $http_proxy and echo $https_proxy in your terminal. If they return your proxy address, the variables are set. To see system-wide settings, open /etc/environment.
For the current session, run unset http_proxy https_proxy. To remove it permanently, delete the matching lines from your ~/.bashrc or /etc/environment file and reload it.
An HTTP proxy only handles web traffic and is set through environment variables. A SOCKS5 proxy works at a lower level and can route almost any traffic, which makes it a better fit for non-web applications.
APT does not read your shell variables. You need to set the proxy separately in /etc/apt/apt.conf.d/95proxies, as shown earlier in this guide. Also make sure the syntax is correct and run sudo apt update first.
Yes. Prefix the command with the variable, for example http_proxy=http://proxy-server:port curl https://example.com. This applies the proxy to that one command without changing your session.
