7 CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+
10 TITLE="Privoxy Frequently Asked Questions"
11 HREF="index.html"><LINK
14 HREF="installation.html"><LINK
17 HREF="misc.html"><LINK
20 HREF="../p_doc.css"></HEAD
31 SUMMARY="Header navigation table"
40 >Privoxy Frequently Asked Questions</TH
48 HREF="installation.html"
86 >3.1. Where can I get updated Actions Files?</H3
88 > Based on your feedback and the continuing development, updates of
93 made available from time to time on the <A
94 HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
99 HREF="http://sf.net/projects/ijbswa/"
105 > If you wish to receive an email notification whenever we release updates of
109 > or the actions file, <A
110 HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/"
113 to our announce mailing list</A
114 >, ijbswa-announce@lists.sourceforge.net.
124 >3.2. Can I use my old config files?</H3
126 > The syntax and purpose of configuration files has remained the same
127 throughout the 3.x series. Although each release contains updated,
131 > versions and it is recommended to use the newer
135 > But all configuration files have substantially
136 changed from the <SPAN
143 >. The old files, like
147 > will not work at all.
151 HREF="../user-manual/whatsnew.html"
155 page for information on configuration changes that may occur from one release to another.
165 >3.3. What exactly is an <SPAN
171 HREF="../user-manual/actions-file.html"
176 HREF="../user-manual/actions-file.html#ACTIONS"
183 > could take while processing a certain
184 request, are configured. Typically, you would define a set of default actions
185 that apply to all URLs, then add exceptions to these defaults where needed.
186 There is a wide array of actions available that give the user a high degree
187 of control and flexibility on how to process each and every web page.</P
189 > Actions can be defined on a <A
190 HREF="../user-manual/actions-file.html#AF-PATTERNS"
194 for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
195 grouped together and then applied to requests matching one or more patterns.
196 There are many possible actions that might apply to any given site. As an example,
197 if you are blocking <A
198 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
202 as one of your default actions, but need to accept cookies from a given site,
203 you would need to define an exception for this site in one of your actions
204 files, preferably in <TT
219 > concept confuses me. Please list
225 > For a comprehensive discussion of the actions concept, please refer
227 HREF="../user-manual/actions-file.html"
232 HREF="../user-manual/index.html"
237 HREF="../user-manual/actions-file.html#ACTIONS"
239 >list of all actions</A
242 HREF="../user-manual/actions-file.html#ACT-EXAMPLES"
246 > to get you started.</P
255 >3.5. How are actions files configured? What is the easiest
258 > Actions files are just text files in a special syntax and can be edited
259 with a text editor. But probably the easiest way is to access
263 >'s user interface with your web browser
265 HREF="http://config.privoxy.org/"
267 >http://config.privoxy.org/</A
277 HREF="http://config.privoxy.org/show-status"
280 change the current configuration</A
291 >3.6. There are several different <SPAN
300 > v2.9.15, three actions files
301 are being included, to be used for
302 different purposes: These are
310 which is actively maintained by the <SPAN
317 >, where users are encouraged
318 to make their private customizations, and <TT
322 which is for internal <SPAN
327 HREF="../user-manual/actions-file.html"
329 >the actions chapter</A
332 HREF="../user-manual/index.html"
336 detailed explanation.</P
338 > Earlier versions included three different versions of the
342 > file. The new scheme allows for
343 greater flexibility of local configuration, and for browser based
344 selection of pre-defined <SPAN
346 >"aggressiveness"</SPAN
356 >3.7. How can I make my Yahoo/Hotmail/Gmail account work?</H3
358 > The default configuration shouldn't impact the usability of any of these services.
359 It will, however, make all <A
360 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
364 temporary, so that your browser will forget your
365 login credentials in between browser sessions. If you would like not to have to log
366 in manually each time you access those websites, simply turn off all cookie handling
370 > file. An example for yahoo might
382 ># Allow all cookies for Yahoo login:
385 HREF="../user-manual/actions-file.html#CRUNCH-INCOMING-COOKIES"
387 >crunch-incoming-cookies</A
389 HREF="../user-manual/actions-file.html#CRUNCH-OUTGOING-COOKIES"
391 >crunch-outgoing-cookies</A
393 HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
395 >session-cookies-only</A
397 .login.yahoo.com</PRE
404 > These kinds of sites are often quite complex and heavy with
406 HREF="http://en.wikipedia.org/wiki/Javascript"
421 HREF="../user-manual/actions-file.html#ALIASES"
436 ># Gmail is a _fragile_ site:
449 > Be sure to flush your browser's caches whenever making these kinds of
450 changes, just to make sure the changes <SPAN
456 > Make sure the domain, host and path are appropriate as well. Your browser can
457 tell you where you are specifically and you should use that information for
458 your configuration settings. Note that above it is not referenced as
462 >, which is a valid domain name.
472 >3.8. What's the difference between the
481 >"Adventuresome"</SPAN
487 > is not entirely trivial. To
488 help you get started, we provide you with three different default action
492 > in the web based actions file editor at <A
493 HREF="http://config.privoxy.org/show-status"
495 >http://config.privoxy.org/show-status</A
498 HREF="../user-manual/actions-file.html"
505 > for a list of actions, and how the default
509 > Where the defaults are likely to break some sites, exceptions for
513 > sites are included, but in
514 general, the more aggressive your default settings are, the more exceptions
515 you will have to make later. See the <A
516 HREF="../user-manual/index.html"
523 for a more detailed discussion.</P
525 > It should be noted that the <SPAN
527 >"Adventuresome"</SPAN
528 > profile (formerly known
532 > profile) is not only more
533 aggressive, but also includes fun and, extreme usage of most of
537 > features. Use at your own risk!</P
546 >3.9. Why can I change the configuration
547 with a browser? Does that not raise security issues?</H3
549 > It may seem strange that regular users can edit the config files with their
550 browsers, although the whole <TT
554 belongs to the user <SPAN
557 >, with only 644 permissions.
560 > When you use the browser-based editor, <SPAN
564 itself is writing to the config files. Because
568 > is running as the user <SPAN
572 it can update the config files.
578 > for multiple untrusted users (e.g. in
579 a LAN), you will probably want to turn the web-based editor and remote toggle
580 features off by setting <SPAN
585 HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
587 >enable-edit-actions</A
596 HREF="../user-manual/config.html#ENABLE-REMOTE-TOGGLE"
598 >enable-remote-toggle</A
603 HREF="../user-manual/config.html"
605 >main configuration file</A
609 > Note that in the default configuration, only local users (i.e. those on
613 >) can connect to <SPAN
617 so this is not (normally) a security problem.
627 >3.10. What is the <TT
630 > file? What is a <SPAN
636 HREF="../user-manual/filter-file.html"
649 > as supplied by the developers are defined.
650 Filters are a special subset of actions that can be used to modify or
651 remove, web page content on the fly. Filters apply to <SPAN
658 in the page source (and optionally both client and server headers), including
659 HTML tags, and JavaScript. Regular expressions are used to accomplish this.
660 There are a number of pre-defined filters to deal with common annoyances. The
661 filters are only defined here, to invoke them, you need to use the
663 HREF="../user-manual/actions-file.html#FILTER"
670 > in one of the actions files. Filtering is automatically
671 disabled for inappropriate MIME types.</P
673 > If you are familiar with regular expressions, and HTML, you can look at
677 > with a text editor and define
678 your own filters. This is potentially a very powerful feature, but
679 requires some expertise in both regular expressions and HTML/HTTP.
681 place any modifications to the default filters, or any new ones you create
682 in a separate file, such as <TT
686 be overwritten during upgrades.
687 The ability to define multiple filter files
691 > is a new feature as of v. 3.0.4.</P
693 > There is no GUI editor option for this part of the configuration,
694 but you can disable/enable the various pre-defined filters of the included
699 HREF="http://config.privoxy.org/show-status"
701 >web-based actions file editor</A
711 >3.11. How can I set up Privoxy to act as a proxy for my
717 > only responds to requests
721 > (localhost). To have it act as a server for
722 a network, this needs to be changed in the <A
723 HREF="../user-manual/config.html"
725 >main configuration file</A
730 HREF="../user-manual/config.html#LISTEN-ADDRESS"
735 option, which may be commented out with a <SPAN
739 it is uncommented, and assign it the address of the LAN gateway interface,
740 and port number to use. Assuming your LAN address is 192.168.1.1 and you
744 > on port 8118, this line
755 > listen-address 192.168.1.1:8118</PRE
761 > Save the file, and restart <SPAN
765 all browsers on the network then to use this address and port number.</P
767 > Alternately, you can have <SPAN
771 all available interfaces:</P
781 > listen-address :8118</PRE
792 HREF="../user-manual/config.html#PERMIT-ACCESS"
796 feature to limit connections. A firewall in this situation is recommended
799 > The above steps should be the same for any TCP network, regardless of
805 > on a LAN with untrusted users,
806 we recommend that you double-check the <A
807 HREF="../user-manual/config.html#ACCESS-CONTROL"
809 >access control and security</A
820 >3.12. Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</H3
822 > The replacement for blocked images can be controlled with the <A
823 HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
827 >set-image-blocker</TT
830 >. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
834 >), or a redirect to a custom image of your choice.
835 Note that this choice only has effect for images which are blocked as images, i.e.
836 whose URLs match both a <TT
839 HREF="../user-manual/actions-file.html#HANDLE-AS-IMAGE"
853 HREF="../user-manual/actions-file.html#BLOCK"
859 > If you want to see nothing, then change the <A
860 HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
864 >set-image-blocker</TT
870 >. This can be done by editing the
874 > file, or trough the <A
875 HREF="http://config.privoxy.org/show-status"
877 >web-based actions file editor</A
887 >3.13. Why would anybody want to see a checkerboard pattern?</H3
890 HREF="general.html#WHATSANAD"
891 >telling which image is an ad and which
893 >, is mostly guesswork. While we hope that the standard configuration
894 is rather smart, it can and will make errors. The checkerboard image is visually
895 decent, but it shows you that and where images were blocked, which can be very
896 helpful in case some navigation aid or otherwise innocent image was
897 erroneously blocked. Some people might also enjoy seeing how many banners
913 >3.14. I see some images being replaced by a text
914 instead of the checkerboard image. Why and how do I get rid of this?</H3
916 > This happens when the banners are not embedded in the HTML code of the
917 page itself, but in separate HTML (sub)documents that are loaded into (i)frames
918 or (i)layers, and these external HTML documents are blocked. Being non-images
919 they get replaced by a substitute HTML page rather than a substitute image,
920 which wouldn't work out technically, since the browser expects and accepts
921 only HTML when it has requested an HTML document. </P
923 > The substitute page adapts to the available space and shows itself as a
924 miniature two-liner if loaded into small frames, or full-blown with a
925 large red "BLOCKED" banner if space allows.</P
927 > If you prefer the banners to be blocked by images, you must see to it that
928 the HTML documents in which they are embedded are not blocked. Clicking
932 > link offered in the substitute page will show
933 you which rule blocked the page. After changing the rule and un-blocking
934 the HTML documents, the browser will try to load the actual banner images
935 and the usual image blocking will (hopefully!) kick in.</P
944 >3.15. Can Privoxy run as a service
947 > Yes. Version 3.0.4 introduces full <SPAN
951 functionality. See <A
952 HREF="../user-manual/installation.html#installation-pack-win"
955 > for details on how to install and configure
961 > Earlier 3.x versions could run as a system service using <B
965 See the discussion at <A
966 HREF="http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118"
968 >http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</A
970 for details, and a sample configuration.</P
979 >3.16. How can I make Privoxy work with other
980 proxies like Squid or Tor?</H3
982 > This can be done and is often useful to combine the benefits of
986 > with those of a another proxy.
988 HREF="../user-manual/config.html#FORWARDING"
990 >forwarding chapter</A
993 HREF="../user-manual/index.html"
997 describes how to do this, and the <A
999 > How do I use Privoxy together with
1010 >3.17. Can I just set Privoxy to use port 80
1011 and thus avoid individual browser configuration?</H3
1013 > No, its more complicated than that. This only works with special kinds
1014 of proxies known as <SPAN
1016 >"transparent"</SPAN
1017 > proxies (see below).</P
1026 >3.18. Can Privoxy run as a <SPAN
1028 >"transparent"</SPAN
1034 > currently does not have this ability,
1035 though it may be added in a future release. Transparent proxies require
1036 special handling of the request headers beyond what
1040 > is now capable of.</P
1045 > behind another proxy that has
1046 this ability should work though.
1048 HREF="../user-manual/config.html#FORWARDING"
1050 >forwarding chapter</A
1053 HREF="../user-manual/index.html"
1057 a transparent proxy to be used for chaining we recommend Transproxy
1059 HREF="http://transproxy.sourceforge.net/"
1061 >http://transproxy.sourceforge.net/</A
1071 >3.19. How can I configure Privoxy for use with Outlook
1076 >Outlook Express</SPAN
1079 >Internet Explorer</SPAN
1081 components to both render HTML, and fetch any HTTP requests that may be embedded in an HTML email.
1082 So however you have <SPAN
1085 > configured to work
1086 with IE, this configuration should automatically be shared.</P
1095 >3.20. How can I have separate rules just for HTML mail?</H3
1097 > The short answer is, you can't. <SPAN
1101 of knowing which particular application makes a request, so there is no way to
1102 distinguish between web pages and HTML mail.
1106 > just blindly proxies all requests. In the
1109 >Outlook Express</SPAN
1110 > (see above), OE uses
1111 IE anyway, and there is no way for <SPAN
1115 be able to distinguish between them (nor could any other proxy type application for
1118 > For a good discussion of some of the issues involved (including privacy and
1119 security issues), see
1121 HREF="http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118"
1123 >http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118</A
1131 NAME="SNEAKY-COOKIES"
1133 >3.21. I sometimes notice cookies sneaking through. How?</H3
1136 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
1140 set in several ways. The classic method is via the
1144 > HTTP header. This is straightforward, and an
1145 easy one to manipulate, such as the <SPAN
1150 HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
1152 >session-cookies-only</A
1154 There is also the possibility of using
1156 HREF="http://en.wikipedia.org/wiki/Javascript"
1165 >content-cookies</TT
1167 is trickier because the syntax can vary widely, and thus requires a certain
1168 amount of guesswork. It is not realistic to catch all of these short of
1169 disabling Javascript, which would break many sites. And lastly, if the
1170 cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
1179 > can help manage cookies in general, can help minimize
1180 the loss of privacy posed by cookies, but can't realistically stop all
1190 >3.22. Are all cookies bad? Why?</H3
1192 > No, in fact there are many beneficial uses of
1194 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
1197 >. Cookies are just a
1198 method that browsers can use to store data between pages, or between browser
1199 sessions. Sometimes there is a good reason for this, and the user's life is a
1200 bit easier as a result. But there is a long history of some websites taking
1201 advantage of this layer of trust, and using the data they glean from you and
1202 your browsing habits for their own purposes, and maybe to your potential
1203 detriment. Such sites are using you and storing their data on your system.
1204 That is why the security conscious watch from whom those cookies come, and why
1215 HREF="http://en.wikipedia.org/wiki/Browser_cookie"
1226 NAME="ALLOW-COOKIES"
1228 >3.23. How can I allow permanent cookies for my trusted sites?</H3
1230 > There are several actions that relate to cookies. The default behavior is to
1233 >"session cookies"</SPAN
1234 >, which means the cookies only last
1235 for the current browser session. This eliminates most kinds of abuse related
1236 to cookies. But there may be cases where we want cookies to last.</P
1238 > To disable all cookie actions, so that cookies are allowed unrestricted,
1239 both in and out, for <TT
1252 > { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
1259 > Place the above in <TT
1262 >. Note some of these may
1263 be off by default anyway, so this might be redundant, but there is no harm
1264 being explicit in what you want to happen. <TT
1268 includes an alias for this situation, called
1271 >allow-all-cookies</TT
1281 >3.24. Can I have separate configurations for different users?</H3
1283 > Each instance of <SPAN
1287 configuration, including such attributes as the TCP port that it listens on.
1288 What you can do is run multiple instances of <SPAN
1295 > and configuration path, and then
1296 each of these can have their own configurations. Think of it as per-port
1300 Simple enough for a few users, but for large installations, consider having
1301 groups of users that might share like configurations.</P
1310 >3.25. Can I set-up Privoxy as a whitelist of
1316 > Sure. There are a couple of things you can do for simple whitelisting.
1317 Here's one real easy one:</P
1326 > ############################################################
1328 ############################################################
1330 HREF="../user-manual/actions-file.html#BLOCK"
1334 / # Block *all* URLs
1336 ############################################################
1338 ############################################################
1340 HREF="../user-manual/actions-file.html#BLOCK"
1346 games.example.com</PRE
1351 > This allows access to only those three sites.</P
1353 > A more interesting approach is <SPAN
1360 > concept, which incorporates the notion of
1363 >"trusted referrers"</SPAN
1365 HREF="../user-manual/config.html#TRUSTFILE"
1367 >User Manual Trust</A
1371 > These are fairly simple approaches and are not completely foolproof. There
1372 are various other configuration options that should be disabled (described
1373 elsewhere here and in <A
1374 HREF="../user-manual/"
1378 so that users can't modify their own configuration and easily circumvent the
1387 SUMMARY="Footer navigation table"
1398 HREF="installation.html"