Hero Background

Next-Gen App & Browser Testing Cloud

Trusted by 2 Mn+ QAs & Devs to accelerate their release cycles

Next-Gen App & Browser Testing Cloud

How to Setup a Proxy Server in Linux?

To set up a proxy server on Linux you have three options: configure the system to route through an existing proxy using the desktop GUI, set http_proxy and https_proxy environment variables in the terminal, or install a dedicated proxy such as Squid to serve other machines on your network. This guide walks through all three, then covers authentication and how to test the setup.

What Is a Proxy Server on Linux?

A proxy server sits between a client and the internet, forwarding requests and responses on the client's behalf. On Linux it is used to cache frequently requested content, filter or block traffic, enforce access policies, and hide the origin of requests. You can either point your Linux machine at a proxy provided by an administrator, or run your own proxy that other devices connect through. For the underlying concept, see the guide on what a proxy server is and how it works.

Automatic Proxy Configuration

If you are given a proxy auto-config (PAC) script address, or you want Linux to discover settings automatically, configure it in system settings or environment variables.

Using the Desktop GUI

  • Open System Settings (labeled "Settings" in Ubuntu).
  • Select Network > Proxy to open the proxy configuration section.
  • Change the proxy setting to Automatic.
  • Paste in the script (PAC) address provided by your network administrator.
  • Save the setting and apply.

Manual Proxy Configuration with Environment Variables

The most portable approach on servers and headless systems is to export proxy variables. For a single user, add the following to ~/.bashrc or ~/.profile, then run source ~/.bashrc:

export http_proxy="http://proxy.example.com:3128"
export https_proxy="http://proxy.example.com:3128"
export no_proxy="localhost,127.0.0.1,.internal.example.com"

For a system-wide proxy that applies to every user and service, add the same values (in both lower-case and upper-case forms, since some applications only read one) to /etc/environment, then log out and back in or restart:

http_proxy="http://proxy.example.com:3128"
https_proxy="http://proxy.example.com:3128"
HTTP_PROXY="http://proxy.example.com:3128"
HTTPS_PROXY="http://proxy.example.com:3128"
no_proxy="localhost,127.0.0.1"

Always include exceptions for local traffic with no_proxy so loopback and internal hosts bypass the proxy. Package managers need their own config; for apt, add the proxy to /etc/apt/apt.conf.d/95proxies.

Setting Up a Dedicated Squid Proxy Server

To run your own proxy that other machines connect through, install Squid, a widely used caching proxy. On Ubuntu or Debian:

sudo apt update
sudo apt install squid -y
sudo systemctl enable --now squid

Squid stores its configuration in /etc/squid/squid.conf. Back up the default file, then edit the listening port and access control lists (ACLs) that decide who may use the proxy:

# Listening port (default 3128)
http_port 3128

# Allow a local network to use the proxy
acl localnet src 192.168.1.0/24
http_access allow localnet
http_access deny all

Save the file and restart the service so changes take effect. If a firewall is active, allow the Squid port:

sudo systemctl restart squid
sudo ufw allow 3128/tcp

Adding Authentication and Testing the Proxy

For extra security, add basic authentication so only known users can route traffic. Create a password file and reference it in squid.conf:

sudo apt install apache2-utils -y
sudo htpasswd -c /etc/squid/passwd proxyuser

Add the following to squid.conf, then restart Squid:

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd
acl authenticated proxy_auth REQUIRED
http_access allow authenticated

Finally, verify the proxy actually forwards traffic using curl. A 200 or HTTP/1.1 200 response confirms it works:

curl -x http://127.0.0.1:3128 -I https://example.com

Common Mistakes and Troubleshooting

  • Setting only lower-case variables: Some tools read HTTP_PROXY (upper-case) only. Define both cases in /etc/environment.
  • Forgetting no_proxy: Without exceptions, loopback and internal traffic gets routed through the proxy and fails. Always exclude localhost and internal domains.
  • Firewall blocking the port: Clients cannot reach Squid if the firewall drops port 3128. Allow the port with ufw or firewalld.
  • Not reloading the shell: Environment changes do not apply until you run source ~/.bashrc or start a new session.
  • Missing http_access allow rule: Squid denies everything by default. Add an ACL and an allow rule, or clients get 403 Forbidden.

Conclusion

Setting up a proxy server in Linux ranges from a two-minute change to route your own traffic, using GUI settings or environment variables, to installing and hardening a full Squid proxy that serves an entire network. Choose environment variables for individual machines and Squid when you need caching, access control, and authentication. Whichever route you take, always define no_proxy exceptions, open the firewall port, and verify the setup with curl before relying on it.

Frequently Asked Questions

What is the default port for a Squid proxy in Linux?

Squid listens on TCP port 3128 by default, defined by the http_port directive in /etc/squid/squid.conf. You can change it to any free port, then restart the Squid service and update your firewall to allow client machines to connect on the new port.

How do I check if my proxy is working in Linux?

Run a request through the proxy with curl, for example: curl -x http://127.0.0.1:3128 -I https://example.com. A 200 response confirms the proxy forwarded the request. You can also tail /var/log/squid/access.log to watch requests as clients make them.

What is the difference between system-wide and single-user proxy settings?

System-wide settings in /etc/environment apply to every user and service on the machine. Single-user settings in ~/.bashrc or ~/.profile apply only to that user's shell sessions. Use system-wide for servers and single-user when only your account should route through the proxy.

How do I set a proxy for the apt package manager?

Create or edit /etc/apt/apt.conf.d/95proxies and add lines such as Acquire::http::Proxy "http://proxy:3128"; and Acquire::https::Proxy "http://proxy:3128";. apt then downloads packages through the proxy without relying on shell environment variables.

How do I add authentication to a Squid proxy?

Install apache2-utils, create a password file with htpasswd, then add a basic_ncsa_auth auth_param block and an acl authenticated proxy_auth REQUIRED rule in squid.conf. Restart Squid so only users with valid credentials can route traffic through the proxy.

Why use a proxy server for testing?

A proxy centralizes and controls outbound traffic, so testers can cache responses, filter or block domains, simulate network conditions, and inspect requests. In CI and cloud testing it also enables secure access to internal apps that are not exposed to the public internet.

Related Questions

Test Your Website on 3000+ Browsers

Get 100 minutes of automation test minutes FREE!!

Test Now...

KaneAI - Testing Assistant

World’s first AI-Native E2E testing agent.

...

TestMu AI forEnterprise

Get access to solutions built on Enterprise
grade security, privacy, & compliance

  • Advanced access controls
  • Advanced data retention rules
  • Advanced Local Testing
  • Premium Support options
  • Early access to beta features
  • Private Slack Channel
  • Unlimited Manual Accessibility DevTools Tests