2. Installation

Privoxy is available both in convenient pre-compiled packages for a wide range of operating systems, and as raw source code. For most users, we recommend using the packages, which can be downloaded from our Privoxy Project Page.

Note: On some platforms, the installer may remove previously installed versions, if found. (See below for your platform). In any case be sure to backup your old configuration if it is valuable to you. See the note to upgraders section below.

2.1. Binary Packages

How to install the binary packages depends on your operating system:

2.1.1. Debian and Ubuntu

DEBs can be installed with apt-get install privoxy, and will use /etc/privoxy for the location of configuration files.

2.1.2. Windows

Just double-click the installer, which will guide you through the installation process. You will find the configuration files in the same directory as you installed Privoxy in.

Version 3.0.5 beta introduced full Windows service functionality. On Windows only, the Privoxy program has two new command line arguments to install and uninstall Privoxy as a service.




After invoking Privoxy with --install, you will need to bring up the Windows service console to assign the user you want Privoxy to run under, and whether or not you want it to run whenever the system starts. You can start the Windows services console with the following command: services.msc. If you do not take the manual step of modifying Privoxy's service settings, it will not start. Note too that you will need to give Privoxy a user account that actually exists, or it will not be permitted to write to its log and configuration files.

2.1.3. OS/2

First, make sure that no previous installations of Junkbuster and / or Privoxy are left on your system. Check that no Junkbuster or Privoxy objects are in your startup folder.

Then, just double-click the WarpIN self-installing archive, which will guide you through the installation process. A shadow of the Privoxy executable will be placed in your startup folder so it will start automatically whenever OS/2 starts.

The directory you choose to install Privoxy into will contain all of the configuration files.

2.1.4. Mac OS X

Installation instructions for the OS X platform depend upon whether you downloaded a ready-built installation package (.pkg or .mpkg) or have downloaded the source code.

2.1.5. Installation from ready-built package

The downloaded file will either be a .pkg (for OS X 10.5 upwards) or a bzipped .mpkg file (for OS X 10.4). The former can be double-clicked as is and the installation will start; double-clicking the latter will unzip the .mpkg file which can then be double-clicked to commence the installation.

The privoxy service will automatically start after a successful installation (and thereafter every time your computer starts up) however you will need to configure your web browser(s) to use it. To do so, configure them to use a proxy for HTTP and HTTPS at the address

To prevent the privoxy service from automatically starting when your computer starts up, remove or rename the file /Library/LaunchDaemons/org.ijbswa.privoxy.plist (on OS X 10.5 and higher) or the folder named /Library/StartupItems/Privoxy (on OS X 10.4 'Tiger').

To manually start or stop the privoxy service, use the scripts startPrivoxy.sh and stopPrivoxy.sh supplied in /Applications/Privoxy. They must be run from an administrator account, using sudo.

To uninstall, run /Applications/Privoxy/uninstall.command as sudo from an administrator account.

2.1.6. Installation from source

To build and install the Privoxy source code on OS X you will need to obtain the macsetup module from the Privoxy Sourceforge CVS repository (refer to Sourceforge help for details of how to set up a CVS client to have read-only access to the repository). This module contains scripts that leverage the usual open-source tools (available as part of Apple's free of charge Xcode distribution or via the usual open-source software package managers for OS X (MacPorts, Homebrew, Fink etc.) to build and then install the privoxy binary and associated files. The macsetup module's README file contains complete instructions for its use.

The privoxy service will automatically start after a successful installation (and thereafter every time your computer starts up) however you will need to configure your web browser(s) to use it. To do so, configure them to use a proxy for HTTP and HTTPS at the address

To prevent the privoxy service from automatically starting when your computer starts up, remove or rename the file /Library/LaunchDaemons/org.ijbswa.privoxy.plist (on OS X 10.5 and higher) or the folder named /Library/StartupItems/Privoxy (on OS X 10.4 'Tiger').

To manually start or stop the privoxy service, use the Privoxy Utility for Mac OS X (also part of the macsetup module). This application can start and stop the privoxy service and display its log and configuration files.

To uninstall, run the macsetup module's uninstall.sh as sudo from an administrator account.

2.1.7. FreeBSD

Privoxy is part of FreeBSD's Ports Collection, you can build and install it with cd /usr/ports/www/privoxy; make install clean.

2.2. Building from Source

The most convenient way to obtain the Privoxy sources is to download the source tarball from our project download page.

If you like to live on the bleeding edge and are not afraid of using possibly unstable development versions, you can check out the up-to-the-minute version directly from the CVS repository.

To build Privoxy from source, autoconf, GNU make (gmake), and, of course, a C compiler like gcc are required.

When building from a source tarball, first unpack the source:

 tar xzvf privoxy-3.0.21-stable-src.tar.gz
 cd privoxy-3.0.21-stable

For retrieving the current CVS sources, you'll need a CVS client installed. Note that sources from CVS are typically development quality, and may not be stable, or well tested. To download CVS source, check the Sourceforge documentation, which might give commands like:

  cvs -d:pserver:anonymous@ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa login
  cvs -z3 -d:pserver:anonymous@ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co current
  cd current

This will create a directory named current/, which will contain the source tree.

You can also check out any Privoxy "branch", just exchange the current name with the wanted branch name (Example: v_3_0_branch for the 3.0 cvs tree).

It is also strongly recommended to not run Privoxy as root. You should configure/install/run Privoxy as an unprivileged user, preferably by creating a "privoxy" user and group just for this purpose. See your local documentation for the correct command line to do add new users and groups (something like adduser, but the command syntax may vary from platform to platform).

/etc/passwd might then look like:

  privoxy:*:7777:7777:privoxy proxy:/no/home:/no/shell

And then /etc/group, like:


Some binary packages may do this for you.

Then, to build from either unpacked tarball or CVS source:

 ./configure      # (--help to see options)
 make             # (the make from GNU, sometimes called gmake)
 su               # Possibly required
 make -n install  # (to see where all the files will go)
 make -s install  # (to really install, -s to silence output)

Using GNU make, you can have the first four steps automatically done for you by just typing:


in the freshly downloaded or unpacked source directory.

To build an executable with security enhanced features so that users cannot easily bypass the proxy (e.g. "Go There Anyway"), or alter their own configurations, configure like this:

 ./configure  --disable-toggle  --disable-editor  --disable-force

Then build as above. In Privoxy 3.0.7 and later, all of these options can also be disabled through the configuration file.

WARNING: If installing as root, the install will fail unless a non-root user or group is specified, or a privoxy user and group already exist on the system. If a non-root user is specified, and no group, then the installation will try to also use a group of the same name as "user". If a group is specified (and no user), then the support files will be installed as writable by that group, and owned by the user running the installation.

configure accepts --with-user and --with-group options for setting user and group ownership of the configuration files (which need to be writable by the daemon). The specified user must already exist. When starting Privoxy, it must be run as this same user to insure write access to configuration and log files!

Alternately, you can specify user and group on the make command line, but be sure both already exist:

 make -s install  USER=privoxy GROUP=privoxy

The default installation path for make install is /usr/local. This may of course be customized with the various ./configure path options. If you are doing an install to anywhere besides /usr/local, be sure to set the appropriate paths with the correct configure options (./configure --help). Non-privileged users must of course have write access permissions to wherever the target installation is going.

If you do install to /usr/local, the install will use sysconfdir=$prefix/etc/privoxy by default. All other destinations, and the direct usage of --sysconfdir flag behave like normal, i.e. will not add the extra privoxy directory. This is for a safer install, as there may already exist another program that uses a file with the "config" name, and thus makes /usr/local/etc cleaner.

If installing to /usr/local, the documentation will go by default to $prefix/share/doc. But if this directory doesn't exist, it will then try $prefix/doc and install there before creating a new $prefix/share/doc just for Privoxy.

Again, if the installs goes to /usr/local, the localstatedir (ie: var/) will default to /var instead of $prefix/var so the logs will go to /var/log/privoxy/, and the pid file will be created in /var/run/privoxy.pid.

make install will attempt to set the correct values in config (main configuration file). You should check this to make sure all values are correct. If appropriate, an init script will be installed, but it is up to the user to determine how and where to start Privoxy. The init script should be checked for correct paths and values, if anything other than a default install is done.

If install finds previous versions of local configuration files, most of these will not be overwritten, and the new ones will be installed with a "new" extension. default.action and default.filter will be overwritten. You will then need to manually update the other installed configuration files as needed. The default template files will be overwritten. If you have customized, local templates, these should be stored safely in a separate directory and defined in config by the "templdir" directive. It is of course wise to always back-up any important configuration files "just in case". If a previous version of Privoxy is already running, you will have to restart it manually.

For more detailed instructions on how to build Redhat RPMs, Windows self-extracting installers, building on platforms with special requirements etc, please consult the developer manual.

2.3. Keeping your Installation Up-to-Date

If you wish to receive an email notification whenever we release updates of Privoxy or the actions file, subscribe to our announce mailing list, ijbswa-announce@lists.sourceforge.net.

In order not to lose your personal changes and adjustments when updating to the latest default.action file we strongly recommend that you use user.action and user.filter for your local customizations of Privoxy. See the Chapter on actions files for details.