1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
8 CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
10 TITLE="Privoxy Frequently Asked Questions"
11 HREF="index.html"><LINK
14 HREF="configuration.html"><LINK
16 TITLE="Troubleshooting"
17 HREF="trouble.html"><LINK
20 HREF="../p_doc.css"></HEAD
31 SUMMARY="Header navigation table"
40 >Privoxy Frequently Asked Questions</TH
48 HREF="configuration.html"
85 >4.1. How much does <SPAN
88 > slow my browsing down? This
89 has to add extra time to browsing.</A
92 > It should not slow you down any in real terms, and may actually help
93 speed things up since ads, banners and other junk are not being displayed.
94 The actual processing time required by <SPAN
98 itself for each page, is relatively small in the overall scheme of things,
99 and happens very quickly. This is typically more than offset by time saved
100 not downloading and rendering ad images.</P
105 > content via the <VAR
108 HREF="../user-manual/actions-file.html#FILTER"
116 HREF="../user-manual/actions-file.html#DEANIMATE-GIFS"
121 actions may cause a perceived slowdown, since the entire document needs to be buffered
122 before displaying. See below.</P
130 >4.2. I noticed considerable
131 delays in page requests compared to the old Junkbuster. What's wrong?</A
134 > If you use any <VAR
137 HREF="../user-manual/actions-file.html#FILTER"
142 such as filtering banners by size, web-bugs etc, or the <VAR
145 HREF="../user-manual/actions-file.html#DEANIMATE-GIFS"
150 action, the entire document must be loaded into memory in order for the filtering
151 mechanism to work, and nothing is sent to the browser during this time.</P
153 > The loading time does not really change in real numbers, but the feeling is
154 different, because most browsers are able to start rendering incomplete
155 content, giving the user a feeling of "it works". This effect is especially
156 noticeable on slow dialup connections.
159 > Filtering is automatically disabled for inappropriate MIME types. But note
160 that if the web server mis-reports the MIME type, then content that should
161 not be filtered, could be. <SPAN
165 to differentiate filterable content because of the MIME type as reported by
166 the server, or because of some configuration setting that enables/disables
175 >4.3. What are "http://config.privoxy.org/" and
180 HREF="http://config.privoxy.org/"
182 >http://config.privoxy.org/</A
187 >'s built-in user interface, and
192 > is a shortcut for it.</P
197 > sits between your web browser and the Internet,
198 it can simply intercept requests for these addresses and answer them with its built-in
204 > This also makes for a good test for your browser configuration: If entering the
206 HREF="http://config.privoxy.org/"
208 >http://config.privoxy.org/</A
210 takes you to a page saying <SPAN
212 >"This is Privoxy ..."</SPAN
214 If you get a page saying <SPAN
216 >"Privoxy is not working"</SPAN
218 your browser didn't use <SPAN
222 hence it could not be intercepted, and you have accessed the <SPAN
229 web site at config.privoxy.org.</P
231 > With recent versions of <SPAN
235 later), the user interface features information on the run time status, the
236 configuration, and even a built-in editor for the <A
237 HREF="../user-manual/actions-file.html"
242 > Note that the built-in URLs from earlier versions of <SPAN
249 >, http://example.com/show-proxy-args and http://i.j.b/,
250 are no longer supported. If you still use such an old version, you should really consider
251 upgrading to 3.0.3.</P
259 >4.4. Do you still maintain the blocklists?</A
262 > No. The patterns for blocking now reside (among other things) in the <A
263 HREF="../user-manual/actions-file.html"
267 actively maintained instead. See next question ...</P
275 >4.5. How can I submit new ads?</A
278 >Yes, absolutely! Please see the <A
282 how to do that. Please note that you (technically) need the latest
286 > version for this to work.</P
294 >4.6. How can I hide my IP address?</A
297 > If you run both the browser and the proxy locally, you cannot hide your IP
301 > or any other software. The
302 server needs to know your IP address to send the answers back to you. </P
304 > Fortunately there are many publicly usable anonymous proxies out there, which
305 solve the problem by providing a further level of indirection between you and
306 the web server, shared by many people, and thus letting your requests "drown"
307 in white noise of unrelated requests as far as user tracking is concerned.</P
309 > Most of them will, however, log your IP address and make it available to the
310 authorities in case you abuse that anonymity for criminal purposes. In fact
311 you can't even rule out that some of them only exist to *collect* information
312 on (those suspicious) people with a more than average preference for privacy.</P
314 > You can find a list of anonymous public proxies at <A
315 HREF="http://www.multiproxy.org/anon_list.htm"
319 more through Google. A particularly interesting project is the JAP service
320 offered by the Technical University of Dresden (<A
321 HREF="http://anon.inf.tu-dresden.de/index_en.html"
323 >http://anon.inf.tu-dresden.de/index_en.html</A
326 > There is, however, even in the single-machine case the possibility to make the
327 server believe that your machine is in fact a shared proxy serving a whole big
328 LAN, and we are looking into that.</P
339 > guarantee I am anonymous?</A
342 > No. Your chances of remaining anonymous are greatly improved, but unless you
343 are an expert on Internet security it would be safest to assume that
344 everything you do on the Web can be traced back to you.</P
349 > can remove various information about you,
356 > more freedom to decide which sites
357 you can trust, and what details you want to reveal. But it's still possible
358 that web sites can find out who you are. Here's one way this can happen.</P
360 > A few browsers disclose the user's email address in certain situations, such
361 as when transferring a file by FTP. <SPAN
365 does not filter FTP. If you need this feature, or are concerned about the
366 mail handler of your browser disclosing your email address, you might
367 consider products such as <SPAN
372 > Browsers available only as binaries could use non-standard headers to give
373 out any information they can have access to: see the manufacturer's license
374 agreement. It's impossible to anticipate and prevent every breach of privacy
375 that might occur. The professionally paranoid prefer browsers available as
376 source code, because anticipating their behavior is easier. Trust the source,
385 >4.8. Might some things break because header information or
386 content is being altered?</A
389 > Definitely. More and more sites use HTTP header content to decide what to
390 display and how to display it. There is many ways that this can be handled,
391 so having hard and fast rules, is tricky.</P
396 > in particular is often used in this way to identify
397 the browser, and adjust content accordingly. Changing this now (at least not
398 further than removing the OS information) is not recommended, since so many
399 sites do look for it. You may get undesirable results by changing this.</P
401 > For instance, different browsers use different encodings of Russian and Czech
402 characters, certain web servers convert pages on-the-fly according to the
403 User Agent header. Giving a <SPAN
407 operating system or browser manufacturer causes some sites in these languages
408 to be garbled; Surfers to Eastern European sites should change it to
409 something closer. And then some page access counters work by looking at the
413 > header; they may fail or break if unavailable. The
414 weather maps of Intellicast have been blocked by their server when no
418 > or cookie is provided, is another example. (But you
419 can forge both headers without giving information away). There are
420 many other ways things can go wrong when trying to fool a web server.</P
422 > Similar thoughts apply to modifying JavaScript, and, to a lesser degree,
425 > If you have problems with a site, you will have to adjust your configuration
426 accordingly. Cookies are probably the most likely adjustment that may
427 be required, but by no means the only one.</P
442 speed up web browsing?</A
445 > No, it does not have this ability at all. You want something like
447 HREF="http://www.squid-cache.org/"
450 > for this. And, yes,
451 before you ask, <SPAN
455 with other kinds of proxies like <SPAN
460 HREF="../user-manual/config.html#FORWARDING"
465 HREF="../user-manual/index.html"
477 >4.10. What about as a firewall? Can <SPAN
483 > Not in the way you mean, or in the way a true firewall can.
487 > can help protect your privacy, but not
488 protect you from intrusion attempts. It is, of course, perfectly possible
489 and recommended to use <SPAN
503 >4.11. I have large empty spaces / a checkerboard pattern now where
504 ads used to be. Why?</A
507 > It would be technically possible eliminate the banners in a way that frees
508 their screen estate in many cases, by doing all banner blocking with filters,
509 i.e. eliminating the whole image references from the HTML pages instead
510 of letting them stay in, and blocking the resulting requests for the
511 banners themselves.</P
513 > But this would consume considerable CPU resources, would likely destroy
514 the layout of many web pages which rely on the banners consuming a certain
515 amount of screen space, and would fail in other cases, where the screen space
516 is reserved e.g. by tables anyway. Also, making the banners disappear without
517 a visual trace complicates troubleshooting.</P
519 > So we won't support this in the default configuration, but you can of course
520 define appropriate filters yourself.</P
531 > filter Secure (HTTPS) URLs?</A
534 > Since secure HTTP connections are encrypted SSL sessions between your browser
535 and the secure site, and are meant to be reliably <SPAN
542 there is little that <SPAN
545 > can do but hand the raw
546 gibberish data though from one end to the other unprocessed.</P
548 > The only exception to this is blocking by host patterns, as the client needs
552 > the name of the remote server,
556 > can establish the connection.
557 If that name matches a host-only pattern, the connection will be blocked.</P
559 > As far as ad blocking is concerned, this is less of a restriction than it may
560 seem, since ad sources are often identifiable by the host name, and often
561 the banners to be placed in an encrypted page come unencrypted nonetheless
562 for efficiency reasons, which exposes them to the full power of
570 >"Content cookies"</SPAN
571 > (those that are embedded in the actual HTML or
572 JS page content, see <VAR
575 HREF="../user-manual/actions-file.html#FILTER-CONTENT-COOKIES"
577 >filter{content-cookies}</A
580 in an SSL transaction will be impossible to block under these conditions.
581 Fortunately, this does not seem to be a very common scenario since most
582 cookies come by traditional means.</P
597 secure is it? Do I need to take any special precautions?</A
600 > There are no known exploits that might affect
604 >. On Unix-like systems,
608 > can run as a non-privileged
609 user, which is how we recommend it be run. Also, by default
613 > only listens to requests
617 > only. The server aspect of
621 > is not itself directly exposed to the
622 Internet in this configuration. If you want to have
626 > serve as a LAN proxy, this will have to
627 be opened up to allow for LAN requests. In this case, we'd recommend
628 you specify only the LAN gateway address, e.g. 192.168.1.1, in the main
632 > configuration file and check all <A
633 HREF="../user-manual/config.html#ACCESS-CONTROL"
635 >access control and security
637 >. All LAN hosts can then use this as their proxy address
638 in the browser proxy configuration, but <SPAN
642 will not listen on any external interfaces. ACLs can be defined in addition,
643 and using a firewall is always good too. Better safe than sorry.</P
651 >4.14. How can I temporarily disable <SPAN
657 > The easiest way is to access <SPAN
661 browser by using the remote toggle URL: <A
662 HREF="http://config.privoxy.org/toggle"
664 >http://config.privoxy.org/toggle</A
667 HREF="../user-manual/appendix.html#BOOKMARKLETS"
669 >Bookmarklets section</A
674 > for an easy way to access this
690 out of the picture?</A
693 > No, this just means all filtering and actions are disabled.
697 > is still acting as a proxy, but just not
698 doing any of the things that <SPAN
702 normally be expected to do. It is still a <SPAN
706 the interaction between your browser and web sites.</P
714 >4.16. My logs show <SPAN
721 ads, but also its own CGI pages. What is a <SPAN
740 >, nothing more. Often this is indeed ads or
744 > uses the same mechanism for
745 trapping requests for its own internal pages. For instance, a request for
749 > configuration page at: <A
750 HREF="http://config.privoxy.org"
752 >http://config.privoxy.org</A
754 intercepted (i.e. it does not go out to the 'net), and the familiar CGI
755 configuration is returned to the browser, and the log consequently will show
770 > effect files that I download
771 from a webserver? FTP server?</A
774 > From the webserver's perspective, there is no difference between
775 viewing a document (i.e. a page), and downloading a file. The same is true of
779 >. If there is a match for a <VAR
782 HREF="../user-manual/actions-file.html#BLOCK"
787 it will still be blocked, and of course this is obvious.
790 > Filtering is potentially more of a concern since the results are not always
791 so obvious, and the effects of filtering are there whether the file is simply
792 viewed, or downloaded. And potentially whether the content is some obnoxious
793 advertizement, or Mr. Jimmy's latest/greatest source code jewel. Of course,
794 one of these presumably is <SPAN
797 > content that we don't want, and
801 > content that we do want.
805 > is blind to the differences, and can only
808 >"good from bad"</SPAN
809 > by the configuration parameters
821 > knows the differences in files according
824 >"Document Type"</SPAN
825 > as reported by the webserver. If this is
826 reported accurately (e.g. <SPAN
828 >"application/zip"</SPAN
829 > for a zip archive),
833 > knows to ignore these where
837 > potentially can filter HTML
838 as well as plain text documents, subject to configuration parameters of
839 course. Also, documents that are of an unknown type (generally assumed to be
843 >) can be filtered, as will those that might be
844 incorrectly reported by the webserver. If such a file is a downloaded file
845 that is intended to be saved to disk, then any content that might have been
846 altered by filtering, will be saved too, for these (probably rare) cases.</P
848 > Note that versions later than 3.0.2 do NOT filter document types of
852 >. Prior to this, <SPAN
856 did filter this document type.</P
858 > In short, filtering is <SPAN
861 > if a) the Document Type as reported
862 by the webserver is appropriate <SPAN
868 > b) the configuration
869 allows it (or at least does not disallow it). That's it. There is no magic
870 cookie anywhere to say this is <SPAN
877 >. It's the configuration that let's it all happen or not.</P
879 > If you download text files, you probably do not want these to be filtered,
880 particularly if the content is source code, or other critical content. Source
881 code sometimes might be mistaken for Javascript (i.e. the kind that might
882 open a pop-up window). It is recommended to turn off filtering for download
883 sites (particularly if the content may be plain text files and you are using
884 version 3.0.2 or earlier) in your <TT
888 also, for any site or page where making <SPAN
895 all to the content is to be avoided.</P
900 > does not do FTP at all, only HTTP
901 protocols, so please don't even try.</P
909 >4.18. I just downloaded a Perl script, and <SPAN
913 altered it! Yikes, what is wrong!</A
916 > Please read above.</P
924 >4.19. Where can I find more information about <SPAN
928 and related issues?</A
931 > Other references and sites of interest to <SPAN
945 HREF="http://www.privoxy.org/"
947 >http://www.privoxy.org/</A
968 HREF="http://www.privoxy.org/faq/"
970 >http://www.privoxy.org/faq/</A
991 HREF="http://sourceforge.net/projects/ijbswa/"
993 >http://sourceforge.net/projects/ijbswa/</A
995 the Project Page for <SPAN
1000 HREF="http://sourceforge.net"
1019 HREF="http://config.privoxy.org/"
1021 >http://config.privoxy.org/</A
1023 the web-based user interface. <SPAN
1027 running for this to work. Shortcut: <A
1047 HREF="javascript:w=Math.floor(screen.width/2);h=Math.floor(screen.height*0.9);void(window.open('http://www.privoxy.org/actions','Feedback','screenx='+w+',width='+w+',height='+h+',scrollbars=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());"
1049 >http://www.privoxy.org/actions/</A
1053 > to the developers.
1069 HREF="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/contrib/"
1071 >http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/contrib/</A
1073 and fun ideas from <SPAN
1092 HREF="http://www.junkbusters.com/ht/en/cookies.html"
1094 >http://www.junkbusters.com/ht/en/cookies.html</A
1096 an explanation how cookies are used to track web users.
1112 HREF="http://www.junkbusters.com/ijb.html"
1114 >http://www.junkbusters.com/ijb.html</A
1116 the original Internet Junkbuster.
1132 HREF="http://www.waldherr.org/junkbuster/"
1134 >http://www.waldherr.org/junkbuster/</A
1136 Stefan Waldherr's version of Junkbuster, from which <SPAN
1156 HREF="http://privacy.net/analyze/"
1158 >http://privacy.net/analyze/</A
1160 to check what information about you is leaked while you browse the web.
1176 HREF="http://www.squid-cache.org/"
1178 >http://www.squid-cache.org/</A
1180 caching proxy, which is often used together with <SPAN
1199 HREF="http://www.privoxy.org/developer-manual/"
1201 >http://www.privoxy.org/developer-manual/</A
1221 >4.20. I've noticed that Privoxy changes <SPAN
1228 >! Why are you manipulating my browsing?</A
1231 > We're not. The text substitutions that you are seeing are disabled
1232 in the default configuration as shipped. You have either manually
1240 is clearly labeled <SPAN
1242 >"Text replacements for subversive browsing
1244 > or you have implicitly activated it by choosing the
1247 >"Adventuresome"</SPAN
1248 > profile in the web-based editor (formerly known
1260 SUMMARY="Footer navigation table"
1271 HREF="configuration.html"
1309 >Troubleshooting</TD