Next-Gen App & Browser Testing Cloud
Trusted by 2 Mn+ QAs & Devs to accelerate their release cycles

To set up a proxy server on Linux you have three options: configure the system to route through an existing proxy using the desktop GUI, set http_proxy and https_proxy environment variables in the terminal, or install a dedicated proxy such as Squid to serve other machines on your network. This guide walks through all three, then covers authentication and how to test the setup.
A proxy server sits between a client and the internet, forwarding requests and responses on the client's behalf. On Linux it is used to cache frequently requested content, filter or block traffic, enforce access policies, and hide the origin of requests. You can either point your Linux machine at a proxy provided by an administrator, or run your own proxy that other devices connect through. For the underlying concept, see the guide on what a proxy server is and how it works.
If you are given a proxy auto-config (PAC) script address, or you want Linux to discover settings automatically, configure it in system settings or environment variables.
Using the Desktop GUI
The most portable approach on servers and headless systems is to export proxy variables. For a single user, add the following to ~/.bashrc or ~/.profile, then run source ~/.bashrc:
export http_proxy="http://proxy.example.com:3128"
export https_proxy="http://proxy.example.com:3128"
export no_proxy="localhost,127.0.0.1,.internal.example.com"For a system-wide proxy that applies to every user and service, add the same values (in both lower-case and upper-case forms, since some applications only read one) to /etc/environment, then log out and back in or restart:
http_proxy="http://proxy.example.com:3128"
https_proxy="http://proxy.example.com:3128"
HTTP_PROXY="http://proxy.example.com:3128"
HTTPS_PROXY="http://proxy.example.com:3128"
no_proxy="localhost,127.0.0.1"Always include exceptions for local traffic with no_proxy so loopback and internal hosts bypass the proxy. Package managers need their own config; for apt, add the proxy to /etc/apt/apt.conf.d/95proxies.
To run your own proxy that other machines connect through, install Squid, a widely used caching proxy. On Ubuntu or Debian:
sudo apt update
sudo apt install squid -y
sudo systemctl enable --now squidSquid stores its configuration in /etc/squid/squid.conf. Back up the default file, then edit the listening port and access control lists (ACLs) that decide who may use the proxy:
# Listening port (default 3128)
http_port 3128
# Allow a local network to use the proxy
acl localnet src 192.168.1.0/24
http_access allow localnet
http_access deny allSave the file and restart the service so changes take effect. If a firewall is active, allow the Squid port:
sudo systemctl restart squid
sudo ufw allow 3128/tcpFor extra security, add basic authentication so only known users can route traffic. Create a password file and reference it in squid.conf:
sudo apt install apache2-utils -y
sudo htpasswd -c /etc/squid/passwd proxyuserAdd the following to squid.conf, then restart Squid:
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
acl authenticated proxy_auth REQUIRED
http_access allow authenticatedFinally, verify the proxy actually forwards traffic using curl. A 200 or HTTP/1.1 200 response confirms it works:
curl -x http://127.0.0.1:3128 -I https://example.comSetting up a proxy server in Linux ranges from a two-minute change to route your own traffic, using GUI settings or environment variables, to installing and hardening a full Squid proxy that serves an entire network. Choose environment variables for individual machines and Squid when you need caching, access control, and authentication. Whichever route you take, always define no_proxy exceptions, open the firewall port, and verify the setup with curl before relying on it.
Squid listens on TCP port 3128 by default, defined by the http_port directive in /etc/squid/squid.conf. You can change it to any free port, then restart the Squid service and update your firewall to allow client machines to connect on the new port.
Run a request through the proxy with curl, for example: curl -x http://127.0.0.1:3128 -I https://example.com. A 200 response confirms the proxy forwarded the request. You can also tail /var/log/squid/access.log to watch requests as clients make them.
System-wide settings in /etc/environment apply to every user and service on the machine. Single-user settings in ~/.bashrc or ~/.profile apply only to that user's shell sessions. Use system-wide for servers and single-user when only your account should route through the proxy.
Create or edit /etc/apt/apt.conf.d/95proxies and add lines such as Acquire::http::Proxy "http://proxy:3128"; and Acquire::https::Proxy "http://proxy:3128";. apt then downloads packages through the proxy without relying on shell environment variables.
Install apache2-utils, create a password file with htpasswd, then add a basic_ncsa_auth auth_param block and an acl authenticated proxy_auth REQUIRED rule in squid.conf. Restart Squid so only users with valid credentials can route traffic through the proxy.
A proxy centralizes and controls outbound traffic, so testers can cache responses, filter or block domains, simulate network conditions, and inspect requests. In CI and cloud testing it also enables secure access to internal apps that are not exposed to the public internet.
KaneAI - Testing Assistant
World’s first AI-Native E2E testing agent.

TestMu AI forEnterprise
Get access to solutions built on Enterprise
grade security, privacy, & compliance