wiki:doc/TorifyHOWTO/WebBrowsers

Version 18 (modified by karsten, 7 years ago) (diff)

Name changed from TheOnionRouter/TorifyHOWTO/WebBrowsers to doc/TorifyHOWTO/WebBrowsers

Web browsers

Web browsing and Privoxy is also covered in the tor setup docs, specifically

Internet Explorer

Warning: Internet Explorer has many flaws which could drastically reduce your anonymity. It is highly advised to use another, more secure browser.

Tools -> Internet options -> Connections -> LAN settings -> Proxy server -> Use a proxy server for your LAN

Address: 127.0.0.1
Port: 8118

See also http://support.microsoft.com/kb/135982 for informations on how to set up a proxy server

Konqueror

Settings -> Configure Konqueror -> Proxy -> Manually Specify the proxy settings -> Setup

HTTP/S Proxy: 127.0.0.1 port 8118

Or edit $HOME/.kde/share/config/kioslaverc:

...
ProxyType=1
...
NoProxyFor=127.0.0.1,localhost
...
httpProxy=http://127.0.0.1:8118
httpsProxy=http://127.0.0.1:8118

Setup -> Network Options

HTTP Proxy:  127.0.0.1 port 8118

Or edit /etc/links.cfg (system-wide) or $HOME/.links/links.cfg (per-user):

...
http_proxy 127.0.0.1:8118
...

Lynx

Lynx will respect the http_proxy enviroment variable, but you can edit /etc/lynx.cfg:

...
http_proxy:http://127.0.0.1:8118/
https_proxy:http://127.0.0.1:8118/
...
no_proxy:localhost,127.0.0.1
...

Opera

Open Tools -> Preferences -> Advanced -> Network -> Proxy Servers. Check HTTP and enter "127.0.0.1" and "8118" as port or open about:config and enter "127.0.0.1:8118" in Proxy -> HTTP Server.

Mozilla Firefox

In later versions of Firefox, at least in the current version 1.5.0.1 under Linux and Windows XP, you can enable the browser to do remote domain name lookups. The option network.proxy.socks_remote_dns is available via about:config and should look like

network.proxy.socks_remote_dns 	user set 	boolean 	true

At http://www.imperialviolet.org/deerpark.html you can find an excellent step-by-step introduction on how to configure Firefox in this manner. Be careful, though: In some versions of Firefox, it is possible that even with this option set remote DNS resolution will not work. In this case, you may want to use Privoxy or similar projects. To find out whether your version implements remote DNS resolution correctly, you may try out a URL ending in .onion, like http://6sxoyfb3h2nvok2d.onion/tor/leading to the http://6sxoyfb3h2nvok2d.onion/tor/. If the Hidden Wiki shows up, remote DNS resolution works.

Otherwise, to use Privoxy with Firefox 1.5x on Windows, do the following in Firefox:

Tools -> Options -> General -> Connection Settings -> Manual proxy configuration

Set HTTP Proxy 127.0.0.1 (or localhost), port 8118 and tick the box [X] Use for all protocols. Or you may explicitly set the Proxy information for SSL, FTP, and Gopher to localhost/8118 and then set the SOCKS Host information to localhost/9050, making sure to specify SOCKS v5.

Remember: Configuring Privoxy for FTP will break ftp:// URLs, but if you don't do this, your Firefox will leak your IP address for those sites. Use Filezilla for handling FTP traffic or read the FTP section.

Also, Mac OS X users should change the above preferences by entering about:config in the URL bar because the firefox preferences dialog is a bit screwy.

See Also: http://wiki.greenmilitia.com/index.php?title=Set_Up_Iceweasel_for_TOR on Greenmilitia's wiki

Circumventing Tor blocks using open HTTP proxies

Some websites have blocked access from Tor users. Often, however, these websites still allow access from any of millions of open HTTP proxies on the internet. Unfortunately, using an open HTTP proxy directly is not very anonymous.

The solution is to chain an open HTTP proxy between Tor and the unfriendly website. This provides all the anonymity benefits of Tor, while obscuring the fact that you're using Tor from the website.

Privoxy

One method involves Privoxy. This example config will send all requests through Tor, only chaining an open HTTP proxy after Tor for a select site. Replace 0.0.0.0:80 with the proxy's address and port.

forward-socks4a / localhost:9050 .
forward-socks4a *.wikipedia.org localhost:9050 0.0.0.0:80

Socat

Another method requires Socat. This will forward all connections to localhost:8080 to an open HTTP proxy through Tor. Just configure your browser to use localhost:8080 as an HTTP proxy. Once again, replace 0.0.0.0:80 with the proxy's address and port.

socat TCP4-LISTEN:8080,bind=localhost,fork SOCKS4A:localhost:0.0.0.0:80,socksport=9050

3proxy

Download and install (may need compiling) the 3Proxy proxy server. Create a configuration file (plain text) like this:

# put 3proxy in background mode. For Windows replace with "service"
daemon
# set archiver to compress log files. Remove or replace for Windows.
archiver gz /bin/gzip %F
# we'll have 2 log files
rotate 2
# format of log record
logformat "- +_L%d.%m %H:%M:%S srv=%N:%p err=%E src=%C:%c dst=%R:%r out=%O in=%I %T"
# path to log file (CHANGE IT BECAUSE IT'S NOT SECURE!), rotate it monthly
log /tmp/3proxy.log M
# set timeouts above defaults, because tor may be a bit slow
timeouts 30 30 60 60 180 1800 60 120
# this is required to use ACLs and redirections
auth iponly
# preventing DNS requests leak
fakeresolve
# redirect all traffic
allow *
# first redirection hop is tor
parent 1000 socks4+ 127.0.0.1 9050
# and the second hop is an open HTTP proxy. Replace "0.0.0.0 80" with the proxy's address and port.
parent 1000 http 0.0.0.0 80
# now, start anonymous HTTP proxy on localhost:8080, configure this in
# your browser as single proxy for all protocols
proxy -a -i127.0.0.1 -p8080

(you should edit at least the log path) and start 3proxy, giving the configuration file name on the command line. For Linux, this may look something like ./3proxy ./3proxyrc.