X-Git-Url: http://www.privoxy.org/gitweb/?a=blobdiff_plain;f=doc%2Fsource%2Ffaq.sgml;h=07997052503a67f79c4ddf2ef4d093624b69347d;hb=15e948c1a62d809d13c3f66376d9eea6254ea14e;hp=f4afd4d13c559751de5caa9d45641bcf6ed558a2;hpb=f4bbadd2be5d6c0077fa2243f73852de70e3af25;p=privoxy.git
diff --git a/doc/source/faq.sgml b/doc/source/faq.sgml
index f4afd4d1..07997052 100644
--- a/doc/source/faq.sgml
+++ b/doc/source/faq.sgml
@@ -1,9 +1,24 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Privoxy">
]>
@@ -43,8 +69,35 @@
Privoxy Frequently Asked Questions
-$Id: faq.sgml,v 1.39 2002/04/03 03:53:03 hal9 Exp $
+
+
+
+
+ Copyright &my-copy; 2001-2011 by
+ Privoxy Developers
+
+
+
+$Id: faq.sgml,v 2.91 2013/02/26 15:09:35 fabiankeil Exp $
+
+
+
+
@@ -64,21 +117,27 @@
]]>
- This FAQ gives users and developers alike answers to frequently asked
- questions about Privoxy.
-
-
+ This FAQ gives quick answers to frequently asked questions about
+ Privoxy.
+ It is not a substitute for the
+ Privoxy User Manual.
- &p-intro;
+
+
+
+ What is Privoxy? &p-intro;
+
+ Please note that this document is a work in progress. This copy represents
+ the state at the release of version &p-version;.
You can find the latest version of the document at http://www.privoxy.org/faq/.
- Please see the Contact section in the user-manual if
- you want to contact the developers.
+ Please see the Contact section if you want to
+ contact the developers.
@@ -87,159 +146,186 @@
-
-
-
-
-
-
-General Information
+General Information
+Who should give &my-app; a try?
+
+ Anyone who is interested in security, privacy, or in
+ finer-grained control over their web and Internet experience.
+
+
+
+Is Privoxy the best choice for
+me?
+
+ &my-app; is certainly a good choice, especially for those who want more
+ control and security. Those with the willingness to read the documentation
+ and the ability to fine-tune their installation will benefit the most.
+
+
+ One of Privoxy's
+ strengths is that it is highly configurable giving you the ability to
+ completely personalize your installation. Being familiar with, or at least
+ having an interest in learning about HTTP and other networking
+ protocols, HTML, and
+ Regular
+ Expressions
+ will be a big plus and will help you get the most out of &my-app;.
+ A new installation just includes a very basic configuration. The user
+ should take this as a starting point only, and enhance it as he or she
+ sees fit. In fact, the user is encouraged, and expected to, fine-tune the
+ configuration.
+
+
+ Much of Privoxy's configuration can be done
+ with a Web browser.
+ But there are areas where configuration is done using a
+ text editor
+ to edit configuration files. Also note that the web-based action editor
+ doesn't use authentication and should only be enabled in environments
+ where all clients with access to &my-app; listening port can be trusted.
+
+
-What is this new version of Privoxy?
+What is a proxy? How does
+Privoxy work?
- The original Internet
- Junkbuster (tm) is a copyrighted product of Junkbusters Corporation.
- Development of this effort stopped some time ago as of version 2.0.2. Stefan
- Waldherr started the ijbswa project on Sourceforge to
- rekindle development. Other developers subsequently joined with Stefan, and
- have since added many new features, refinements and enhancements. The result
- of this effort is Privoxy.
+ A web proxy
+ is a service, based on a software such as &my-app;, that clients
+ (i.e. browsers) can use instead of connecting to web servers directly.
+ The clients then ask the proxy to request objects (web pages, images, movies etc)
+ on their behalf and to forward the data to the clients.
+ It is a go-between. For details, see
+ Wikipedia's proxy definition.
- Privoxy has evolved from the
- Junkbuster 2.0.2 code base, and has advanced
- significantly at this point.
+ There are many reasons to use web proxies, such as security (firewalling),
+ efficiency (caching) and others, and there are any number of proxies
+ to accommodate those needs.
-
- Please see the user-manual for more
- information on the history of Junkbuster and
- Privoxy.
+
+ &my-app; is a proxy that is primarily focused on
+ privacy enhancement, ad and junk elimination and freeing the user from
+ restrictions placed on his activities. Sitting between your browser(s) and the Internet,
+ it is in a perfect position to filter outbound personal information that your
+ browser is leaking, as well as inbound junk. It uses a variety of techniques to do
+ this, all of which are under your complete control via the various configuration
+ files and options. Being a proxy also makes it easier to share
+ configurations among multiple browsers and/or users.
+
+
+
+Does Privoxy do anything more than ad blocking?
+
+ Yes, ad blocking is but one possible use. There are many, many ways &my-app;
+ can be used to sanitize and customize web browsing.
+
+
+
+What is this new version of
+Junkbuster?
+
+
+ &history;
+
-Why Privoxy? Why a name change at all?
+Why Privoxy? Why change the name from
+Junkbuster at all?
- Privoxy is the
- Privacy Enhancing Proxy.
+ Though outdated, Junkbusters Corporation continued to offer their original
+ version of the Internet Junkbuster for a while,
+ so publishing our Junkbuster-derived software
+ under the same name would have led to confusion.
- There are potential legal complications from the continued use of the
- Junkbuster name, which is a trademark of
- Junkbusters Corporation.
- (There are, however, no objections from Junkbusters Corporation to the
- Privoxy project itself, and they, in fact, still
- share our ideals and goals.)
+ There were also potential legal reasons not to use the
+ Junkbuster name, as it was (and maybe still is)
+ a registered trademark of Junkbusters Corporation.
+ There were, however, no objections from Junkbusters Corporation to the
+ Privoxy project itself, and they, in fact,
+ shared our ideals and goals.
-
- The developers also believed that there are so many changes from the original
- code, that it was time to make a clean break from the past and make
- a name in their own right, especially now with the pending release of
- version 3.0.
+ The Privoxy developers also believed that there were so many improvements
+ over the original code, that it was time to make a clean break from the past
+ and make a name in their own right.
-
-
-
-How does Privoxy differ
-from the old Junkbuster?
- Privoxy picks up where
- Junkbuster left off. All the old features remain.
- The new Privoxy still blocks ads and banners,
- still manages cookies, and still helps protect your privacy. But, these are
- all enhanced, and many new features have been added, all in the same vein.
-
-
- The configuration has changed significantly as well. This is something that
- users will notice right off the bat. The blocklist file does
- not exist any more. This is replaced by actions files, such
- as default.actions. This is where most of the per site
- configuration is now.
-
-
-
-What are some of the new features?
-
-&newfeatures;
-
+ Privoxy is the
+ Privacy Enhancing Proxy. Also, its content
+ modification and junk suppression gives you, the user, more
+ control, more freedom, and allows you to browse your personal and
+ private edition of the web.
+
-What is a proxy? How does
-Privoxy work?
-
- When you connect to a web site with Privoxy,
- you are really connecting to your locally running version of
- Privoxy. Privoxy
- intercepts your requests for the web page, and relays that to the
- real web site. The web site sends the HTTP data stream
- back to Privoxy, where
- Privoxy can work its magic before it
- relays this data back to your web browser.
-
-
-
- Since Privoxy sits between you and the
- WWW, it is in a position to intercept and completely manage all web traffic and
- HTTP content before it gets to your browser.
- Privoxy uses various programming methods to do
- this, all of which is under your control via the various configuration
- files and options.
+How does Privoxy differ
+from the old Junkbuster?
+
+ Privoxy picks up where
+ Junkbuster left off.
+ Privoxy still blocks ads and banners,
+ still manages cookies, and still
+ helps protect your privacy. But, most of these features have been enhanced,
+ and many new ones have been added, all in the same vein.
+
+ Privoxy's new features include:
+
-
- There are many kinds of proxies. Privoxy best
- fits the filtering proxy category.
-
+
+ &newfeatures;
+
-
-
-How does Privoxy know what is
+
+How does Privoxy know what is
an ad, and what is not?
- Privoxy processes all the raw content of every
- web page. So it reads everything on each page. It then compares this to the
- rules as set up in the configuration files, and looks for any matches to
- these rules. Privoxy makes heavy use of
- regular expressions. (If you are not familiar with regular
- expressions, it is explained briefly in the user manual.) Regular
- expressions facilitate matching of one text string against another, using
- wildcards to build complex patterns. So Privoxy
- will typically look for URLs and other content that match certain key words
- and expressions as defined in the configuration files. For instance a URL
- that contains /banners, has a high probability of containing
- ad banners, and thus would be a prime candidate to have a matching rule.
+ Privoxy's approach to blocking ads is twofold:
+
+
+ First, there are certain patterns in the locations (URLs)
+ of banner images. This applies to both the path (you wouldn't guess how many
+ web sites serve their banners from a directory called banners!)
+ and the host (blocking the big banner hosting services like doublecklick.net
+ already helps a lot). Privoxy takes advantage of this
+ fact by using URL
+ patterns to sort out and block the requests for things that sound
+ like they would be ads or banners.
+
+
+ Second, banners tend to come in certain sizes. But you
+ can't tell the size of an image by its URL without downloading it, and if you
+ do, it's too late to save bandwidth. Therefore, Privoxy
+ also inspects the HTML sources of web pages while they are loaded, and replaces
+ references to images with standard banner sizes by dummy references, so that
+ your browser doesn't request them anymore in the first place.
- So Privoxy will look for these kinds of obvious
- looking culprits. And also, will use lists of known organizations that
- specialize in ads. Again, using complex patterns to match as many potential
- combinations as possible since there tend to be many, many variations used by
- advertisers, and new ones are being introduced all the time.
+ Both of this involves a certain amount of guesswork and is, of course, freely
+ and readily configurable.
-Can Privoxy make mistakes?
+Can Privoxy make mistakes?
This does not sound very scientific.
- Actually, it's a black art ;-) And yes, it is always possible to have a broad rule
- accidentally block something by mistake. There is a good chance you may run
- into such a situation at some point. It is tricky writing rules to cover
- every conceivable possibility, and not occasionally get false positives.
+ Actually, it's a black art ;-) And yes, it is always possible to have a broad
+ rule accidentally block or change something by mistake. You will almost surely
+ run into such situations at some point. It is tricky writing rules to
+ cover every conceivable possibility, and not occasionally get false positives.
@@ -252,69 +338,227 @@ This does not sound very scientific.
+
+Will I have to configure Privoxy
+ before I can use it?
+
+ That depends on your expectations.
+ The default installation should give you a good starting
+ point, and block most ads and unwanted content,
+ but many of the more advanced features are off by default, and require
+ you to activate them.
+
+
+ You do have to set up your browser to use
+ Privoxy (see the Installation section below).
+
+
+ And you will certainly run into situations where there are false positives,
+ or ads not being blocked that you may not want to see. In these cases, you
+ would certainly benefit by customizing Privoxy's
+ configuration to more closely match your individual situation. And we
+ encourage you to do this. This is where the real power of
+ Privoxy lies!
+
+
+
+
+
+Can Privoxy run as a server on a network?
+
+ Yes, &my-app; runs as a server already, and can easily be configured to
+ serve more than one client. See
+ How can I set up Privoxy to act as a proxy for my LAN below.
+
+My browser does the same things as
-Privoxy. Why should I use
-Privoxy at all?
+Privoxy. Why should I use Privoxy at all?
Modern browsers do indeed have some of the same
functionality as Privoxy. Maybe this is
- adequate for you. But Privoxy is much more
- versatile and powerful, and can do a number of things that browsers just can't.
+ adequate for you. But Privoxy is very
+ versatile and powerful, and can probably do a number of things
+ your browser just can't.
- In addition, a proxy is good choice if you use multiple browsers, or
- have a LAN with multiple computers. This way all the configuration
- is in one place, and you don't have to maintain a similar configuration
- for possibly many browsers.
-
+ In addition, a proxy is good choice if you use multiple browsers, or
+ have a LAN with multiple computers since &my-app; can run as a server
+ application. This way all the configuration is in one place, and you don't
+ have to maintain a similar configuration for possibly many browsers or
+ users.
+
+
+ Note, however, that it's recommended to leverage both your browser's
+ and Privoxy's privacy enhancing features
+ at the same time. While your browser probably lacks some features
+ &my-app; offers, it should also be able to do some things more
+ reliable, for example restricting and suppressing JavaScript.
+Why should I trust Privoxy?
+
+ The most important reason is because you have access to
+ everything, and you can control everything. You can
+ check every line of every configuration file yourself. You can check every
+ last bit of source code should you desire. And even if you can't read code,
+ there should be some comfort in knowing that other people can,
+ and do read it. You can build the software from scratch, if you want,
+ so that you know the executable is clean, and that it is
+ yours. In fact, we encourage this level of scrutiny. It
+ is one reason we use &my-app; ourselves.
+
+
-
-Is there is a license or fee? What about a
+Is there is a license or fee? What about a
warranty? Registration?
- Privoxy is licensed under the
- GNU General Public License (GPL). It is free to use, copy,
- modify or distribute as you wish under the terms of this license.
- Please see the
-user-manual for
- more information on the license and copyright.
-
-
+ Privoxy is free software and licensed under the GNU General Public License (GPL) version 2.
+ It is free to use, copy, modify or distribute as you wish under the terms of this
+ license. Please see the Copyright section for more
+ information on the license and copyright. Or the LICENSE file
+ that should be included.
+
- There is no warranty of any kind, expressed, implied or otherwise. That is
- something that would cost real money ;-) There is no registration either.
- Privoxy really is free
- in every respect!
-
+ There is no warranty of any kind, expressed, implied or otherwise.
+ That is something that would cost real money ;-) There is no registration either.
-I would like to help you, what do I do?
+
+Can Privoxy remove spyware? Adware? Viruses?
+
+ No, at least not reliably enough to trust it. &my-app; is not designed to be
+ a malware removal tool and the default configuration doesn't even try to
+ filter out any malware.
+
+
+ &my-app; could help prevent contact from (known) sites that use such
+ tactics with appropriate configuration rules, and thus could conceivably
+ prevent contamination from such sites. However, keeping such a configuration
+ up to date would require a lot of time and effort that would be better spend
+ on keeping your software itself up to date so it doesn't have known
+ vulnerabilities.
+
+
+
+
+
+Can I use Privoxy with other ad-blocking software?
+
+ &my-app; should work fine with other proxies and other software in general.
+
+
+ But it is probably not necessary to use &my-app; in conjunction with other
+ ad-blocking products, and this could conceivably cause undesirable results.
+ It might be better to choose one software or the other and work a little to
+ tweak its configuration to your liking.
+
+
+ Note that this is an advice specific to ad blocking.
+
+
+
+I would like to help you, what can I do?
-Money Money Money
+Would you like to participate?
+
+ Well, we always need help. There is something for
+ everybody who wants to help us. We welcome new developers, packagers,
+ testers, documentation writers or really anyone with a desire to help in
+ any way. You DO NOT need to be a
+ programmer. There are many other tasks available. In fact,
+ the programmers often can't spend as much time programming because of some
+ of the other, more mundane things that need to be done, like checking the
+ Tracker feedback sections or responding to user questions on the mailing
+ lists.
+
+
+ So first thing, subscribe to the Privoxy Users
+ or the Privoxy
+ Developers mailing list, join the discussion, help out other users, provide general
+ feedback or report problems you noticed.
+
+
+ If you intend to help out with the trackers, you also might want to get an account on SourceForge.net
+ so we don't confuse you with the other name-less users.
+
+
+ We also have a Developer's Manual.
+ While it is partly out of date, it's still worth reading.
+
- We, of course, welcome donations and use the money for domain registering,
- regular world-wide get-togethers (hahaha). Anyway, we'll soon describe the
- process how to donate money to the team.
+ Our TODO list
+ may be of interest to you as well.
+ Please let us know if you want to work on one of the items listed.
-You want to work with us?
+Would you like to donate?
+
+ Privoxy is developed by unpaid volunteers
+ and thus our current running costs are pretty low. Nevertheless, we
+ have plans that will cost money in the future. They include,
+ but aren't limited to spending money on:
+
+
+
+
+
+
+
+ Hardware to help make sure Privoxy
+ keeps running on platforms the developers currently can't test
+ on and can be ported to others.
+
+
+
+
+ Technical books to educate our developers about said platforms
+ or to improve their knowledge in general.
+
+
+
+
+ More reliable hosting,
+
+
+
+
+
+
+ We would like to get this money through donations made by our users.
+
+
- Well, helping the team is always a good idea. We welcome new developers,
- RPM gurus or documentation makers. Simply get an account on sourceforge.net
- and mail your id to the developer mailing list. Then read the
- section Quickstart in the
- Developer's Manual.
+ Privoxy has therefore become an associated
+ project of Software
+ in the Public Interest (SPI), which allows us to receive donations.
+ In the United States they are tax-deductible, in a few other western countries
+ they might be tax-deductible in the future.
+
+
+ If you read this section before you may notice that paying for the
+ project domain privoxy.org is no longer on the list. It has been
+ transferred to SPI is sponsored by Mythic Beasts Ltd.
+
+
- Once we have added you to the team, you'll have write access to the CVS
- repository, and together we'll find a suitable task for you.
+ If you enjoy our software and feel like helping out with a donation,
+ please have a look at
+ SPI's donation page
+ to see what the options are. If you have any questions regarding donations
+ please mail to either the public user mailing list or, if it's a private
+ matter, to Fabian Keil
+ (Privoxy's SPI liason) directly.
@@ -325,15 +569,19 @@ warranty? Registration?
-Installation
+Installation
-Which browsers are supported by Privoxy?
-
- Any browser that can be configured to use a proxy, which
- should be virtually all browsers. Direct browser support is not necessary
- since Privoxy runs as a separate application and
- just exchanges standard HTML data with your browser, just like a web server
+Which browsers are supported by Privoxy?
+
+ Any browser that can be configured to use a proxy, which
+ should be virtually all browsers, including
+ Firefox, Internet
+ Explorer, Opera, and
+ Safari among others.
+ Direct browser support is not an absolute requirement since
+ Privoxy runs as a separate application and talks
+ to the browser in the standardized HTTP protocol, just like a web server
does.
@@ -346,92 +594,166 @@ Include supported.sgml here:
&supported;
-Can I install
- Privoxy over Junkbuster?
+
+Can I use Privoxy with my email client?
+
+ As long as there is some way to set a HTTP proxy for the client, then yes,
+ any application can be used, whether it is strictly speaking a
+ browser or not. Though this may not be the best approach for
+ dealing with some of the common abuses of HTML in email. See How can I configure Privoxy
+ with Outlook? below for more on
+ this.
+
+
+ Be aware that HTML email presents a number of unique security and privacy
+ related issues, that can require advanced skills to overcome. The developers
+ recommend using email clients that can be configured to convert HTML to plain
+ text for these reasons.
+
+
+
+
-
-I just installed Privoxy. Is there anything
+
+I just installed Privoxy. Is there anything
special I have to do now?
- All browsers must be told to use Privoxy
- as a proxy by specifying the correct proxy address and port number
- in the appropriate configuration area for the browser. See below.
- Also, you should flush your browser's memory and disk cache to get rid of any
- cached items.
+ All browsers should be told to use Privoxy
+ as a proxy by specifying the correct proxy address and port number
+ in the appropriate configuration area for the browser. It's possible
+ to combine &my-app; with a packet filter to intercept HTTP requests
+ even if the client isn't explicitly configured to use &my-app;,
+ but where possible, configuring the client is recommended. See
+ the User Manual for more
+ details. You should also flush your browser's memory and disk
+ cache to get rid of any cached junk items, and remove any stored
+ cookies.
-
-What is the proxy address of Privoxy?
+What is the proxy address of Privoxy?
If you set up the Privoxy to run on
the computer you browse from (rather than your ISP's server or some
- networked computer on a LAN), the proxy will be on localhost
- (which is the special name used by every computer on the Internet to refer
- to itself) and the port will be 8118 (unless you have Privoxy to run on a different port with the
- listen-address config option).
+ networked computer on a LAN), the proxy will be on 127.0.0.1
+ (sometimes referred to as localhost,
+ which is the special name used by every computer on the Internet to refer
+ to itself) and the port will be 8118 (unless you used the listen-address
+ config option to tell Privoxy to run on
+ a different port).
When configuring your browser's proxy settings you typically enter
- the word localhost in the boxes next to HTTP
- and Secure (HTTPS) and then the number 8118
- for port. This tells your browser to send all web
- requests to Privoxy instead of directly to the
- Internet.
+ the word localhost or the IP address 127.0.0.1
+ in the boxes next to HTTP and Secure (HTTPS) and
+ then the number 8118 for port.
+ This tells your browser to send all web requests to Privoxy
+ instead of directly to the Internet.
- Privoxy can also be used to proxy for
- a Local Area Network. In this case, your would enter either the IP
- address of the LAN host where Privoxy
- is running, or the equivalent hostname. Port assignment would be
- same as above.
+ Privoxy can also be used to proxy for
+ a Local Area Network. In this case, your would enter either the IP
+ address of the LAN host where Privoxy
+ is running, or the equivalent hostname, e.g. 192.168.1.1.
+ Port assignment would be same as above. Note that
+ Privoxy doesn't listen on any LAN interfaces by
+ default.
Privoxy does not currently handle
- protocols such as FTP, SMTP, IM, IRC, ICQ, or other Internet
- protocols.
+ any other protocols such as FTP, SMTP, IM, IRC, ICQ, etc.
-
-I just installed Privoxy, and nothing is happening.
+
+I just installed Privoxy, and nothing is happening.
All the ads are there. What's wrong?
- Did you configure your browser to use Privoxy
+ Did you configure your browser to use Privoxy
as a proxy? It does not sound like it. See above. You might also try flushing
- the browser's caches to force a full re-reading of pages. You can verify
- that Privoxy is running, and your browser
- is correctly configured by entering the special URL:
- http://p.p/. This should give you
- a banner that says This is Privoxy and
- access to Privoxy's internal configuration.
- If you see this, then you are good to go. If not, the browser or
- Privoxy are not set up correctly.
+ the browser's caches to force a full re-reading of pages. You can verify
+ that Privoxy is running, and your browser
+ is correctly configured by entering the special URL:
+ http://p.p/.
+
+ This should take you to a page titled This is Privoxy.. with
+ access to Privoxy's internal configuration.
+ If you see this, then you are good to go. If you receive a page saying
+ Privoxy is not running, then the browser is not set up to use
+ your Privoxy installation.
+ If you receive anything else (probably nothing at all), it could either
+ be that the browser is not set up correctly, or that
+ Privoxy is not running at all. Check the log file. For instructions
+ on starting Privoxy and browser configuration,
+ see the chapter
+ on starting Privoxy in the
+ User Manual.
+
+
+
+
+
+I get a Privoxy is not being used dummy page although
+Privoxy is running and being used.
+
+
+ First, make sure that Privoxy is really running and
+ being used by visiting http://p.p/. You
+ should see the Privoxy main page. If not, see
+ the chapter
+ on starting Privoxy in the
+ User Manual.
+
+
+ Now if http://p.p/ works for you, but
+ other parts of Privoxy's web interface show
+ the dummy page, your browser has cached a redirection it encountered before
+ Privoxy was being used. You need to clear your
+ browser's cache. Note that shift-reloading the dummy page won't help, since
+ that'll only refresh the dummy page, not the redirection that lead you there.
+
+ The procedure for clearing the cache varies from browser to browser. For
+ example, Mozilla/Netscape users would click
+ Edit --> Preferences -->
+ Advanced --> Cache and
+ then click both Clear Memory Cache
+ and Clear Disk Cache.
+ In some Firefox versions it's
+ Tools --> Options -->
+ Privacy --> Cache and
+ then click Clear Cache Now.
+
+
@@ -439,929 +761,2217 @@ All the ads are there. What's wrong?
-Configuration
-
-Can I use my old config files?
-
- There are major changes to Junkbuster/
- Privoxy configuration from version 2.0.x to
- 2.9.x and later. Most of the older files will not work at all. This is
- especially true of blocklist. If this is the case, you
- will need to re-enter your old data into the new configuration structure.
- This is probably also a good recommendation even if upgrading from 2.9.x to
- 3.x since there were many minor changes along the way.
-
-
-
+Configuration
-What is an actions file?
+What exactly is an actions file?
- actions files are where various actions that
- Privoxy might take, are configured.
- Typically, you would define a set of default actions that apply
- to all URLs, then add exceptions to these defaults.
-
-
-
- Actions can be defined on a per site basis, or for groups of sites. Actions
- can also be grouped together and then applied to one or more sites. There
- are many possible actions that might apply to any given site. As an example,
- if we are blocking cookies as one of our default
- actions, but need to accept cookies from a given
- site, we would define this in our actions file.
-
+ &my-app; utilizes the concept of
+ actions
+ that are used to manipulate and control web page data.
+ Actions files
+ are where these actions
+ that Privoxy could take while processing a certain
+ request, are configured. Typically, you would define a set of default actions
+ that apply globally to all URLs, then add exceptions to these defaults where needed.
+ There is a wide array of actions available that give the user a high degree
+ of control and flexibility on how to process each and every web page.
- Privoxy comes with several default
- actions files, with varying degrees
- of filtering and blocking, as starting points for your own
- configuration (see below).
+ Actions can be defined on a URL pattern basis, i.e.
+ for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
+ grouped together and then applied to requests matching one or more patterns.
+ There are many possible actions that might apply to any given site. As an example,
+ if you are blocking cookies
+ as one of your default actions, but need to accept cookies from a given site,
+ you would need to define an exception for this site in one of your actions
+ files, preferably in user.action.
-The actions concept confuses me. Please list
+The actions concept confuses me. Please list
some of these actions.
- These are all explained in the
- user-manual.
- Please refer to that.
+ For a comprehensive discussion of the actions concept, please refer
+ to the actions file
+ chapter in the User
+ Manual. It includes a list of all actions
+ and an actions
+ file tutorial to get you started.
How are actions files configured? What is the easiest
-way to do this?
+way to do this?
- The easiest way to do this, is to access Privoxy
- with your web browser at http://p.p/,
- and then select
- "Edit the actions list"
- from the selection list. You can also do this by editing the appropriate
- file with a text editor.
+ Actions files are just text files in a special syntax and can be edited
+ with a text editor. But probably the easiest way is to access
+ Privoxy's user interface with your web browser
+ at http://config.privoxy.org/
+ (Shortcut: http://p.p/) and then select
+ View &
+ change the current configuration from the menu. Note
+ that this feature must be explicitly enabled in the main config file
+ (see enable-edit-actions).
+
+
+
+There are several different actions files. What are
+the differences?
- Please see the
- user-manual for a
- detailed explanation of these and other configuration files, and their
- various options and syntax.
+ Please have a look at the the actions chapter
+ in the User Manual for a detailed explanation.
-
+
-
-What are the differences between
-intermediate.action, basic.action, etc.?
+How can I make my Yahoo/Hotmail/Gmail account work?
-Configuring Privoxy is not easy. To help you get
-started, we provide you with three different default configurations. The
-following table shows you, which features are enabled in each configuration.
+ The default configuration shouldn't impact the usability of any of these services.
+ It may, however, make all cookies
+ temporary, so that your browser will forget your
+ login credentials in between browser sessions. If you would like not to have to log
+ in manually each time you access those websites, simply turn off all cookie handling
+ for them in the user.action file. An example for yahoo might
+ look like:
-
Default Configurations
-
-
-
-
-
-
-
-
- Feature
- default.action
- basic.action
- intermediate.action
- advanced.action
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- ad-filtering
- ?
- x
- x
- x
-
-
-
- blank image
- ?
- x
- x
- x
-
-
-
- de-animate GIFs
- ?
- x
- x
- x
-
-
-
- referer forging
- ?
- x
- x
- x
-
-
-
- jon's +no-cookies-keep (i.e. session cookies only)
- ?
- x
- x
- x
-
-
-
- no-popup windows
- ?
-
- x
- x
-
-
-
- fast redirects
- ?
-
- x
- x
-
-
-
- hide-referrer
- ?
-
- x
- x
-
-
-
- hide-useragent
- ?
-
- x
- x
-
-
-
- content-modification
- ?
-
-
- x
-
-
-
- feature-x
- ?
-
-
-
-
-
-
- feature-y
- ?
-
-
-
-
-
-
- feature-z
- ?
-
-
-
-
-
-
-
-
-
-
-
-Why can I change the configuration with a
-browser? Does that not raise security issues?
+ # Allow all cookies for Yahoo login:
+#
+{ -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only }
+.login.yahoo.com
+
-What I don't understand, is how I can browser edit the config file as a
-regular user, while the whole /etc/privoxy hierarchy
-belongs to the user privoxy, with only 644 permissions.
+ These kinds of sites are often quite complex and heavy with
+ Javascript and
+ thus fragile. So if still a problem,
+ we have an alias just for such
+ sticky situations:
-When you use the browser-based editor, Privoxy
-itself is writing to the config files. Because
-Privoxy is running as the user privoxy, it can
-update the config files.
+ # Gmail is a _fragile_ site:
+#
+{ fragile }
+ # Gmail is ...
+ mail.google.com
-If you don't like this, setting enable-edit-actions 0 in the
-config file will disable the browser-based editor. If you're that paranoid,
-you should also consider setting enable-remote-toggle 0 to prevent
-browser-based enabling/disabling of Privoxy.
+ Be sure to flush your browser's caches whenever making these kinds of
+ changes, just to make sure the changes take.
-Note that normally only local users can connect to
-Privoxy, so this is not (normally) a security
-problem.
+ Make sure the domain, host and path are appropriate as well. Your browser can
+ tell you where you are specifically and you should use that information for
+ your configuration settings. Note that above it is not referenced as
+ gmail.com, which is a valid domain name.
+
+What's the difference between the
+Cautious, Medium and Advanced defaults?
+
+ Configuring Privoxy is not entirely trivial. To
+ help you get started, we provide you with three different default action
+ profiles in the web based actions file editor at http://config.privoxy.org/show-status.
+ See the User
+ Manual for a list of actions, and how the default
+ profiles are set.
+
-
-What is default.filter?
- The default.filter file is used to filter any
- web page content. By filtering we mean it can modify, remove,
- or change anything on the page, including HTML tags, and
- JavaScript. Regular expressions are used to accomplish this, and operate
- on a line by line basis. This is potentially a very powerful feature, but
- requires some expertise.
+ Where the defaults are likely to break some sites, exceptions for
+ known popular problem sites are included, but in
+ general, the more aggressive your default settings are, the more exceptions
+ you will have to make later. New users are best to start off in
+ Cautious setting. This is safest and will have the fewest
+ problems. See the User Manual
+ for a more detailed discussion.
- If you are familiar with regular expressions, and HTML, you can look at
- the provided default.filter with a text editor and see
- some of things it can be used for.
+ It should be noted that the Advanced profile (formerly known
+ as the Adventuresome profile) is more
+ aggressive, and will make use of some of
+ Privoxy's advanced features. Use at your own risk!
-
- Presently, there is no GUI editor option for this part of the configuration,
- but you can disable/enable various sections of the included default
- file with the Actions List Editor from your browser.
-
+
+Why can I change the configuration
+with a browser? Does that not raise security issues?
+
+ It may seem strange that regular users can edit the config files with their
+ browsers, although the whole /etc/privoxy hierarchy
+ belongs to the user privoxy, with only 644 permissions.
+
+
+ When you use the browser-based editor, Privoxy
+ itself is writing to the config files. Because
+ Privoxy is running as the user privoxy,
+ it can update its own config files.
+
+
+ If you run Privoxy for multiple untrusted users (e.g. in
+ a LAN) or aren't entirely in control of your own browser, you will probably want
+ to make sure that the web-based editor and remote toggle features are
+ off by setting enable-edit-actions
+ 0 and enable-remote-toggle
+ 0 in the main configuration file.
+
+
+ As of &my-app; 3.0.7 these options are disabled by default.
+
+
-How can I set up Privoxy to act as a proxy for my
- LAN?
+What is the default.filter file? What is a filter?
- By default, Privoxy only responds to requests
- from localhost. To have it act as a server for a network, this needs to be
- changed in the main config file where the Privoxy
- configuration is located. In that file is a listen-address
- option. It may be commented out with a # symbol. Make sure
- it is uncommented, and assign it the address of the LAN gateway interface,
- and port number to use:
+ The default.filter
+ file is where filters as supplied by the developers are defined.
+ Filters are a special subset of actions that can be used to modify or
+ remove web page content or headers on the fly. Content filters can
+ be applied to anything in the page source,
+ header filters can be applied to either server or client headers.
+ Regular expressions are used to accomplish this.
-
-
- listen-address 192.168.1.1:8118
-
+ There are a number of pre-defined filters to deal with common annoyances. The
+ filters are only defined here, to invoke them, you need to use the
+ filter
+ action in one of the actions files. Content filtering is automatically
+ disabled for inappropriate MIME types, but if you know better than Privoxy
+ what should or should not be filtered you can filter any content you like.
-
- Save the file, and restart Privoxy. Configure
- all browsers on the network then to use this address and port number.
+ Filters should
+ not be confused with blocks, which
+ is a completely different action, and is more typically used to block ads and
+ unwanted sites.
-
-
-
-
-Instead of ads, now I get a checkerboard pattern. I don't want to see anything.
- This is a configuration option for images that
- Privoxy is stopping. You have the choice of a checkerboard
- pattern, a transparent 1x1 GIF image (aka blank), or a custom
- URL of your choice. Note that to fit this category, the URL must match both
- the +image and +block actions.
+ If you are familiar with regular expressions, and HTML, you can look at
+ the provided default.filter with a text editor and define
+ your own filters. This is potentially a very powerful feature, but
+ requires some expertise in both regular expressions and HTML/HTTP.
+ user.filter, so they won't
+ be overwritten during upgrades.
+ The ability to define multiple filter files
+ in config is a new feature as of v. 3.0.5.]]>
- If you want to see nothing, then change the +image-blocker
- action to +image-blocker{blank}. This can be done from the
- Edit Actions List selection at http://p.p/. Or by hand editing the appropriate
- actions file. This will only effect what is defined as images
- though. Also, some URLs that generate the bright red Blocked
- banner, can be moved to the +image-blocker section for the
- same reason, but there are some limits and risks to this (see below).
+ There is no GUI editor option for this part of the configuration,
+ but you can disable/enable the various pre-defined filters of the included
+ default.filter file with the web-based actions file editor.
+ Note that the custom actions editor must be explicitly enabled in
+ the main config file (see enable-edit-actions).
-
-
-
-
-Why would anybody want to see a checkerboard pattern?
- This can be helpful for troubleshooting problems. It might also be good
- for anyone new to Privoxy so that they can
- see if their favorite pages are displaying correctly, and
- Privoxy is not inadvertently removing something
- important.
+ If you intend to develop your own filters, you might want to have a look at
+ Privoxy-Filter-Test.
-
-I see large red banners on some pages that say
-Blocked. Why and how do I get rid of this?
+
+How can I set up Privoxy to act as a proxy for my
+ LAN?
- These are URLs that match something in one of
- Privoxy's block actions (+block). It is meant
- to be a warning so that you know something has been blocked and an easy way
- for you to see why. These are handled differently than what has been defined
- explicitly as images (e.g. ad banners). Depending on the
- URL itself, it is sometimes hard for Privoxy to
- really know whether there is indeed an ad image there or not. And there are
- limitations as to what Privoxy can do to
- fool the browser.
+ By default, Privoxy only responds to requests
+ from 127.0.0.1 (localhost). To have it act as a server for
+ a network, this needs to be changed in the main configuration file. Look for
+ the listen-address
+ option, which may be commented out with a # symbol. Make sure
+ it is uncommented, and assign it the address of the LAN gateway interface,
+ and port number to use. Assuming your LAN address is 192.168.1.1 and you
+ wish to run Privoxy on port 8118, this line
+ should look like:
- For instance, if the ad is in a frame, then it is embedded in the separate
- HTML page used for the frame. In this case, you cannot just substitute an
- aribitray image (like we would for a blank image), for an HTML
- page. The browser is expecting an HTML page, and that is what it must have
- for frames. So this situation can be a little trickier to deal with, and
- Privoxy will use the Blocked page.
+
+ listen-address 192.168.1.1:8118
- If you want these to be treated as if they were images, so that they can be
- made invisible, you can try moving the offending URL from the
- +block section to the +imageblock section of
- your actions file. Just be forewarned, if any URL is made
- invisible, you may not have any inkling that something has
- been removed from that page, or why. If this approach does not work, then you are
- probably dealing with a frame (or ilayer), and the only thing
- that can go there is an HTML page of some sort.
+ Save the file, and restart Privoxy. Configure
+ all browsers on the network then to use this address and port number.
+
- To deal with this situation, you could modify the
- block HTML template that is used by
- Privoxy to display this, and make it something
- more to your liking. Currently, there is no configuration option for this.
- You will have to modify, or create your own page, and use this to replace
- templates/blocked, which is what
- Privoxy uses to display the Blocked
- page.
+ Alternately, you can have Privoxy listen on
+ all available interfaces:
+
- Another way to deal with this is find why and where
- Privoxy is blocking the frame, and
- diable this. Then let the +image-blocker action
- handle the ad that is embedded in the frame's HTML page.
+
+ listen-address :8118
-
-
-
-I cannot see all of the Blocked page banner. All I
-see is a bright red square.
- There is not enough space to fit the entire page. Try right clicking on the
- visible, red portion, and select Show Frame, or equivalent.
- This will usually allow you to see the entire Privoxy Blocked
- page, and from there you can see just what is being blocked, and why.
+ And then use Privoxy's
+ permit-access
+ feature to limit connections. A firewall in this situation is recommended
+ as well.
-
-
-How can I make Privoxy work with other
-proxies like Squid?
- This can be done. See the user manual,
- which describes how to do this.
+ The above steps should be the same for any TCP network, regardless of
+ operating system.
+
+
+ If you run Privoxy on a LAN with untrusted users,
+ we recommend that you double-check the access control and security
+ options!
-
-
-
-
-Miscellaneous
-How much does Privoxy slow my browsing down? This
-has to add extra time to browsing.
+Instead of ads, now I get a checkerboard pattern. I don't want to see anything.
- It should not slow you down any in real terms, and may actually help
- speed things up since ads, banners and other junk are not being displayed.
- The actual processing time required by Privoxy
- itself for each page, is relatively small in the overall scheme of things,
- and happens very quickly. This is typically more than offset by time saved
- not downloading and rendering ad images.
+ The replacement for blocked images can be controlled with the set-image-blocker
+ action. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
+ image (aka blank), or a redirect to a custom image of your choice.
+ Note that this choice only has effect for images which are blocked as images, i.e.
+ whose URLs match both a handle-as-image
+ andblock action.
-
- Filtering via the filterfile
- mechanism may cause a perceived slowdown, since the entire page is buffered
- before displaying. See below.
+ If you want to see nothing, then change the set-image-blocker
+ action to blank. This can be done by editing the
+ user.action file, or through the web-based actions file editor.
-
-
-I noticed considerable
-delays in page requests compared to the old Junkbuster. What's wrong?
-
-Using the default filtering configuration, I noticed considerable delays in
-page requests compared to the old Junkbuster. Loading pages with large contents
-seemed to take forever, then suddenly delivering all the content at once.
-
-
-The whole content must be loaded in order to filter, and nothing is is
-sent to the browser during this time. The loading time does not really
-change in real numbers, but the feeling is different, because most
-browsers are able to start rendering incomplete content, giving the
-user a feeling of "it works".
-
+
+Why would anybody want to see a checkerboard pattern?
-To modify the content of a page (i.e. make frames resizeable again, etc.) and
-not just replace ads, Privoxy needs to download the
-entire page first, do its content magic and then send the page to the browser.
+ Remember that telling which image is an ad and which
+ isn't, is an educated guess. While we hope that the standard configuration
+ is rather smart, it will make occasional mistakes. The checkerboard image is visually
+ decent, and it shows you where images have been blocked, which can be very
+ helpful in case some navigation aid or otherwise innocent image was
+ erroneously blocked. It is recommended for new users so they can
+ see what is happening. Some people might also enjoy seeing how
+ many banners they don't have to see.
-
+
-What is the "http://p.p/"?
+
+I see some images being replaced with text
+instead of the checkerboard image. Why and how do I get rid of this?
-Since Privoxy sits between your web browser and the Internet, it can be
-programmed to handle certain pages specially.
+ This happens when the banners are not embedded in the HTML code of the
+ page itself, but in separate HTML (sub)documents that are loaded into (i)frames
+ or (i)layers, and these external HTML documents are blocked. Being non-images
+ they get replaced by a substitute HTML page rather than a substitute image,
+ which wouldn't work out technically, since the browser expects and accepts
+ only HTML when it has requested an HTML document.
-
-With recent versions of Privoxy (version 2.9.x), you can get some
-information about Privoxy and change some settings by going to
-http://p.p/ or, equivalently, http://config.privoxy.org/
-(Note that p.p is far easier to type but may not work in some
-configurations. With the name change to Privoxy,
-this is changed from the previous http://i.j.b/ or earlier 2.9.x versions).
+ The substitute page adapts to the available space and shows itself as a
+ miniature two-liner if loaded into small frames, or full-blown with a
+ large red "BLOCKED" banner if space allows.
-
-These pages are not forwarded to a server on the Internet
-- instead they are handled by a special web server which is built in to
-Privoxy.
+ If you prefer the banners to be blocked by images, you must see to it that
+ the HTML documents in which they are embedded are not blocked. Clicking
+ the See why link offered in the substitute page will show
+ you which rule blocked the page. After changing the rule and un-blocking
+ the HTML documents, the browser will try to load the actual banner images
+ and the usual image blocking will (hopefully!) kick in.
+
+
+
+Can Privoxy run as a service
+on Win2K/NT/XP?
-If you are not running Privoxy, then http://p.p/ will fail, and http://config.privoxy.org/ will
-return a web page telling you you're not running
-Privoxy.
+Windows service
+ functionality. See
+ the User Manual for details on how to install and configure
+ Privoxy as a service.
-
-If you have version 2.0.2, then the equivalent is
-http://example.com/show-proxy-args (but you get far less information, and you
-should really consider upgrading to 2.9.x).
+ Earlier ]]>3.x versions could run as a system service using srvany.exe.
+ See the discussion at http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118,
+ for details, and a sample configuration.
-
-Do you still maintain the blocklists?
+
+Can Privoxy run as a transparent
+ proxy?
+
+ The whole idea of Privoxy is to modify client requests
+ and server responses in all sorts of ways and therefore
+ it's not a transparent proxy as described in
+ RFC 2616.
+
- No. The format of the blocklists has changed significantly in the versions
- 2.9.x. Once we have released the new stable version, v3.0, there will
- again be blocklists that you can update automatically.
+ However, some people say transparent proxy when they
+ mean intercepting proxy. If you are one of them,
+ please read the next entry.
+
-How can I submit new ads?
+
+Can Privoxy run as a intercepting proxy?
+
+ Privoxy can't intercept traffic itself,
+ but it can handle requests that where intercepted and redirected
+ with a packet filter (like PF or
+ iptables), as long as the Host
+ header is present.
+
- As of now, please discontinue to submit new ad blocking infos. Once we
- have released the new version, there will again be a form on the website,
- which you can use to contribute new ads.
+ As the Host header is required by HTTP/1.1 and as most
+ web sites rely on it anyway, this limitation shouldn't be a problem.
+
+ Please refer to your packet filter's documentation to learn how to
+ intercept and redirect traffic into Privoxy.
+ Afterward you just have to configure Privoxy to
+ accept
+ intercepted requests.
+
+
-How can I hide my IP address?
+
+How can I configure Privoxy for use with Outlook?
- You cannot hide your IP address with Privoxy or any other software, since
-the server needs to know your IP address to send the answer to you.
+ Versions of Outlook prior to Office 2007, use
+ Internet Explorer components to both render HTML,
+ and fetch any HTTP requests that may be embedded in an HTML email. So however
+ you have Privoxy configured to work with IE, this
+ configuration should automatically be shared, at least with older version of
+ Internet Explorer.
-Fortunately there are many publicly usable anonymous proxies out there, which
-solve the problem by providing a further level of indirection between you and
-the web server, shared by many people and thus letting your requests "drown"
-in white noise of unrelated requests as far as user tracking is concerned.
+ Starting with Office 2007, Microsoft is instead using the MS-Word rendering
+ engine with Outlook. It is unknown whether this can be configured to use a
+ proxy.
+
+
+
+
+How can I have separate rules just for HTML mail?
-Most of them will, however, log your IP address and make it available to the
-authorities in case you abuse that anonymity for criminal purposes. In fact
-you can't even rule out that some of them only exist to *collect* information
-on (those suspicious) people with a more than average preference for privacy.
+ The short answer is, you can't. Privoxy has no way
+ of knowing which particular application makes a request, so there is no way to
+ distinguish between web pages and HTML mail.
+ Privoxy just blindly proxies all requests. In the
+ case of Outlook Express (see above), OE uses
+ IE anyway, and there is no way for Privoxy to ever
+ be able to distinguish between them (nor could any other proxy type application for
+ that matter).
-You can find a list of anonymous public proxies at multiproxy.org and many
-more through Google.
+ For a good discussion of some of the issues involved (including privacy and
+ security issues), see
+ http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118.
-
-
-
-
-
-
-
+
+I sometimes notice cookies sneaking through. How?
+
+ Cookies can be
+ set in several ways. The classic method is via the
+ Set-Cookie HTTP header. This is straightforward, and an
+ easy one to manipulate, such as the &my-app; concept of
+ session-cookies-only.
+ There is also the possibility of using
+ Javascript to
+ set cookies (&my-app; calls these content-cookies). This
+ is trickier because the syntax can vary widely, and thus requires a certain
+ amount of guesswork. It is not realistic to catch all of these short of
+ disabling Javascript, which would break many sites. And lastly, if the
+ cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
+ Privoxy's reach.
+
+
+ All in all, &my-app; can help manage cookies in general, can help minimize
+ the loss of privacy posed by cookies, but can't realistically stop all
+ cookies.
+
+
-
-Can Privoxy guarantee I am anonymous?
+
+Are all cookies bad? Why?
- No. Your chances of remaining anonymous are greatly improved, but unless you
- are an expert on Internet security it would be safest to assume that
- everything you do on the Web can be traced back to you.
+ No, in fact there are many beneficial uses of
+ cookies. Cookies are just a
+ method that browsers can use to store data between pages, or between browser
+ sessions. Sometimes there is a good reason for this, and the user's life is a
+ bit easier as a result. But there is a long history of some websites taking
+ advantage of this layer of trust, and using the data they glean from you and
+ your browsing habits for their own purposes, and maybe to your potential
+ detriment. Such sites are using you and storing their data on your system.
+ That is why the privacy conscious watch from whom those cookies come, and why
+ they really need to be there.
- Privoxy can remove various information about you,
- and allows you more freedom to decide which sites
- you can trust. But it's still possible that web sites can find out who you
- are. Here's one way this can happen.
+ See the
+ Wikipedia cookie
+ definition for more.
+
+
+
+How can I allow permanent cookies for my trusted sites?
+
- A few browsers disclose the user's email address in certain situations, such
- as when transferring a file by FTP. Privoxy
- does not filter FTP. If you need this feature, or are concerned about the
- mail handler of your browser disclosing your email address, you might
- consider products such as NSClean.
+ There are several actions that relate to cookies. The default behavior is to
+ allow only session cookies, which means the cookies only last
+ for the current browser session. This eliminates most kinds of abuse related
+ to cookies. But there may be cases where you want cookies to last.
- Browsers available only as binaries could use non-standard headers to give
- out any information they can have access to: see the manufacturer's license
- agreement. It's impossible to anticipate and prevent every breach of privacy
- that might occur. The professionally paranoid prefer browsers available as
- source code, because anticipating their behavior is easier. Trust the source,
- Luke!
+ To disable all cookie actions, so that cookies are allowed unrestricted,
+ both in and out, for example.com:
+
+
+
+ { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
+ .example.com
+
+
+ Place the above in user.action. Note that some of these may
+ be off by default anyway, so this might be redundant, but there is no harm
+ being explicit in what you want to happen. user.action
+ includes an alias for this situation, called
+ allow-all-cookies.
-
-
-Might some things break because header information is
-being altered?
-
+
+Can I have separate configurations for different users?
- Definitely. More and more sites use HTTP header content to decide what to
- display and how to display it. There is many ways that this can be handled,
- so having hard and fast rules, is tricky.
+ Each instance of Privoxy has its own
+ configuration, including such attributes as the TCP port that it listens on.
+ What you can do is run multiple instances of Privoxy, each with
+ a unique
+ listen-address
+ configuration setting, and configuration path, and then
+ each of these can have their own configurations. Think of it as per-port
+ configuration.
-
- USER AGENT in particular is often used in this way to identify
- the browser, and adjust content accordingly. Changing this now is not
- recommended, since so many sites do look for this. You may get undesirable
- results by changing this.
+ Simple enough for a few users, but for large installations, consider having
+ groups of users that might share like configurations.
+
+
+Can I set-up Privoxy as a whitelist of
+good sites?
- For instance, different browsers use different encodings of Russian and Czech
- characters, certain web servers convert pages on-the-fly according to the
- User Agent header. Giving a User Agent with the wrong
- operating system or browser manufacturer causes some sites in these languages
- to be garbled; Surfers to Eastern European sites should change it to
- something closer. And then some page access counters work by looking at the
- REFERER header; they may fail or break if unavailable. The
- weather maps of Intellicast have been blocked by their server when no
- REFERER or cookie is provided, is another example. There are
- many, many other ways things can go wrong when trying to fool a web server.
+ Sure. There are a couple of things you can do for simple white-listing.
+ Here's one real easy one:
+
+ ############################################################
+ # Blacklist
+ ############################################################
+ { +block }
+ / # Block *all* URLs
+ ############################################################
+ # Whitelist
+ ############################################################
+ { -block }
+ kids.example.com
+ toys.example.com
+ games.example.com
- If you have problems with a site, you will have to adjust your configuration
- accordingly. Cookies are probably the most likely adjustment that may
- be required, but by no means the only one.
-
+ This allows access to only those three sites by first blocking all URLs, and
+ then subsequently allowing three specific exceptions.
+
+
+ Another approach is Privoxy's
+ trustfile concept, which incorporates the notion of
+ trusted referrers. See the Trust documentation
+ for details.
+
+
+ These are fairly simple approaches and are not completely foolproof. There
+ are various other configuration options that should be disabled (described
+ elsewhere here and in the User Manual)
+ so that users can't modify their own configuration and easily circumvent the
+ whitelist.
-
-
-
-Can Privoxy act as a caching proxy to
-speed up web browsing?
+
+How can I turn off ad-blocking?
+
+ Ad blocking is achieved through a complex application of various &my-app;
+ actions. These
+ actions are deployed against simple images, banners, flash animations,
+ text pages, JavaScript, pop-ups and pop-unders, etc., so its not as simple as
+ just turning one or two actions off. The various actions that make up
+ &my-app; ad blocking are hard-coded into the default configuration files. It
+ has been assumed that everyone using &my-app; is interested in this
+ particular feature.
+
+
+ If you want to do without this, there are several approaches you can take:
+ You can manually undo the many block rules in
+ default.action. Or even easier, just create your own
+ default.action file from scratch without the many ad
+ blocking rules, and corresponding exceptions. Or lastly, if you are not
+ concerned about the additional blocks that are done for privacy reasons, you
+ can very easily over-ride all blocking with the
+ following very simple rule in your user.action:
+
+
+
+ # Unblock everybody, everywhere
+ { -block }
+ / # UN-Block *all* URLs
+
- No, it does not have this ability at all. You want something like
- Squid for this. And, yes,
- before you ask, Privoxy can co-exist
- with other kinds of proxies like Squid.
+ Or even a more comprehensive reversing of various ad related actions:
+
+
+
+ # Unblock everybody, everywhere, and turn off appropriate filtering, etc
+ { -block \
+ -filter{banners-by-size} \
+ -filter{banners-by-link} \
+ allow-popups \
+ }
+ / # UN-Block *all* URLs and allow ads
+
+
+ This last action in this compound statement,
+ allow-popups, is an alias that disables
+ various pop-up blocking features.
-
-What about as a firewall? Can Privoxy protect me?
+
+How can I have custom template pages, like the
+BLOCKED page?
- Not in the way you mean, or in the way a true firewall can, or a proxy that
- has this specific capability. Privoxy can help
- protect your privacy, but not really protect you from intrusion attempts.
+ &my-app; templates are specialized text files utilized by
+ &my-app; for various purposes and can easily be modified using any text
+ editor. All the template pages are installed in a sub-directory appropriately
+ named: templates. Knowing something about HTML syntax
+ will of course be helpful.
+
+
+ Be forewarned that the default templates are subject to being overwritten
+ during upgrades. You can, however, create completely new templates,
+ place them in another directory and specify the alternate path in the main
+ config. For details, have a look at the templdir option.
-
-
-The Privoxy logo that replaces ads is very blocky
-and ugly looking. Can't a better font be used?
-
+
+How can I remove the Go There Anyway link from
+the BLOCKED page?
+
+ There is more than one way to do it (although Perl is not involved).
+
+
+ Editing the BLOCKED template page (see above) may dissuade some users, but
+ this method is easily circumvented. Where you need this level of control, you
+ might want to build &my-app; from source, and disable various features that are
+ available as compile-time options. You should
+ configure the sources as follows:
+
+
+
+ ./configure --disable-toggle --disable-editor --disable-force
+
- This is not a font problem. The logo is an image that is created by
- Privoxy on the fly. So as to not waste
- memory, the image is rather small. The blockiness comes when the
- image is scaled to fill a largish area. There is not much to be done
- about this, other than to use one of the other
- imageblock directives: pattern,
- blank, or a URL of your choosing.
+ This will create an executable with hard-coded security features so that
+ &my-app; does not allow easy bypassing of blocked sites, or changing the
+ current configuration via any connected user's web browser.
-Given the above problem, we have decided to remove the logo option entirely
-[as of v2.9.13].
+ Finally, all of these features can also be toggled on/off via options in
+ Privoxy's main config file which
+ means you don't have to recompile anything.
+
+
+
+
+
+
+
+Miscellaneous
-I have large empty spaces now where ads used to be.
-Why?
+How much does Privoxy slow my browsing down? This
+has to add extra time to browsing.
- It would be easy enough to just eliminate this space altogether, rather than
- fill it with blank space. But, this would create problems with many pages
- that use the overall size of the ad to help organize the page layout and
- position the various components of the page where they were intended to be.
- It is best left this way.
+ How much of an impact depends on many things, including the CPU of the host
+ system, how aggressive the configuration is, which specific actions are being triggered,
+ the size of the page, the bandwidth of the connection, etc.
+
+
+ Overall, it should not slow you down any in real terms, and may actually help
+ speed things up since ads, banners and other junk are not typically being
+ retrieved and displayed. The actual processing time required by
+ Privoxy itself for each page, is relatively small
+ in the overall scheme of things, and happens very quickly. This is typically
+ more than offset by time saved not downloading and rendering ad images and
+ other junk content (if ad blocking is being used).
-
-
-
-How can Privoxy filter Secure (HTTPS) URLs?
- This is a limitation since HTTPS transactions are encrypted SSL sessions
- between your browser and the secure site, and are meant to be reliably
- secure and private. This means that all cookies and HTTP
- header information are also encrypted from the time they leave your browser,
- to the site, and vice versa. Privoxy does not
- try to unencrypt this information, so it just passes through as is.
- Privoxy can still catch images and ads that
- are embedded in the SSL stream though.
+ Filtering content via the filter or
+ deanimate-gifs
+ actions may cause a perceived slowdown, since the entire document
+ needs to be buffered before displaying. And on very large documents,
+ filtering may have some measurable impact. How much depends on the page size,
+ the actual definition of the filter(s), etc. See below. Most other actions
+ have little to no impact on speed.
+
+
+ Also, when filtering is enabled but zlib support isn't available, compression
+ is often disabled (see prevent-compression).
+ This can have an impact on speed as well, although it's probably smaller than
+ you might think. Again, the page size, etc. will determine how much of an impact.
-
-Privoxy runs as a server. How
-secure is it? Do I need to take any special precautions?
+I notice considerable
+delays in page requests. What's wrong?
- There are no known exploits that might effect
- Privoxy. On Unix-like systems,
- Privoxy can run as a non-privileged
- user, which is how we recommend it be run. Also, by default
- Privoxy only listens to requests
- from localhost. The server aspect of
- Privoxy is not itself directly exposed to the
- Internet in this configuration. If you want to have
- Privoxy serve as a LAN proxy, this will have to
- be opened up to allow for LAN requests. In this case, we'd recommend
- you specify only the LAN gateway address, e.g. 192.168.1.1, in the main
- Privoxy config file. All LAN hosts can then use
- this as their proxy address in the browser proxy configuration. In this way,
- Privoxy will not listen on any external ports.
- Of course, a firewall is always good too. Better safe than sorry.
+ If you use any filter action,
+ such as filtering banners by size, web-bugs etc, or the deanimate-gifs
+ action, the entire document must be loaded into memory in order for the filtering
+ mechanism to work, and nothing is sent to the browser during this time.
+
+
+ The loading time typically does not really change much in real numbers, but
+ the feeling is different, because most browsers are able to start rendering
+ incomplete content, giving the user a feeling of "it works". This effect is
+ more noticeable on slower dialup connections. Extremely large documents
+ may have some impact on the time to load the page where there is filtering
+ being done. But overall, the difference should be very minimal. If there is a
+ big impact, then probably some other situation is contributing (like
+ anti-virus software).
+
+
+ Filtering is automatically disabled for inappropriate MIME types. But note
+ that if the web server mis-reports the MIME type, then content that should
+ not be filtered, could be. Privoxy only knows how
+ to differentiate filterable content because of the MIME type as reported by
+ the server, or because of some configuration setting that enables/disables
+ filtering.
-
-
-How can I temporarily disable Privoxy?
+What are "http://config.privoxy.org/" and
+"http://p.p/"?
- The easiest way is to access Privoxy with your
- browser by using the special URL: http://p.p/
- and select "Toggle Privoxy on or off" from that page.
-
+ http://config.privoxy.org/ is the
+ address of Privoxy's built-in user interface, and
+ http://p.p/ is a shortcut for it.
+
+
+ Since Privoxy sits between your web browser and the Internet,
+ it can simply intercept requests for these addresses and answer them with its built-in
+ web server.
+
+
+ This also makes for a good test for your browser configuration: If entering the
+ URL http://config.privoxy.org/
+ takes you to a page saying This is Privoxy ..., everything is OK.
+ If you get a page saying Privoxy is not working instead, then
+ your browser didn't use Privoxy for the request,
+ hence it could not be intercepted, and you have accessed the real
+ web site at config.privoxy.org.
-
-
-Where can I find more information about Privoxy
-and related issues?
+
-
- &seealso;
+How can I submit new ads, or report
+problems?
+
+Please see the Contact section for
+various ways to interact with the developers.
+
-
+
-
+Why doesn't anyone answer my support
+request?
+
+Rest assured that it has been read and considered. Why it is not answered,
+could be for various reasons, including no one has a good answer for it, no
+one has had time to yet investigate it thoroughly, it has been reported
+numerous times already, or because not enough information was provided to help
+us help you. Your efforts are not wasted, and we do appreciate them.
+
-
+
-
-Troubleshooting
-
-I just upgraded and am getting connection refused
-with every web page?
+How can I hide my IP address?
+
+ If you run both the browser and &my-app; locally, you cannot hide your IP
+ address with Privoxy or ultimately any other
+ software alone. The server needs to know your IP address so that it knows
+ where to send the responses back.
+
+
+ There are many publicly usable "anonymous" proxies out there, which
+ provide a further level of indirection between you and the web server.
+
+
+ However, these proxies are called "anonymous" because you don't need
+ to authenticate, not because they would offer any real anonymity.
+ Most of them will log your IP address and make it available to the
+ authorities in case you violate the law of the country they run in. In fact
+ you can't even rule out that some of them only exist to *collect* information
+ on (those suspicious) people with a more than average preference for privacy.
+
- Either Privoxy is not running, or your
- browser is configured for a different port than what
- Privoxy is using.
+ If you want to hide your IP address from most adversaries,
+ you should consider chaining Privoxy
+ with Tor.
+ The configuration details can be found in
+ How do I use Privoxy together
+ with Tor section
+ just below.
+
+
+Can Privoxy guarantee I am anonymous?
+
+ No. Your chances of remaining anonymous are improved, but unless you
+ chain Privoxy with Tor
+ or a similar proxy and know what you're doing when it comes to configuring
+ the rest of your system, you should assume that everything you do
+ on the Web can be traced back to you.
+
+
+ Privoxy can remove various information about you,
+ and allows you more freedom to decide which sites
+ you can trust, and what details you want to reveal. But it neither
+ hides your IP address, nor can it guarantee that the rest of the system
+ behaves correctly. There are several possibilities how a web sites can find
+ out who you are, even if you are using a strict Privoxy
+ configuration and chained it with Tor.
+
+
+ Most of Privoxy's privacy-enhancing features can be easily subverted
+ by an insecure browser configuration, therefore you should use a browser that can
+ be configured to only execute code from trusted sites, and be careful which sites you trust.
+ For example there is no point in having Privoxy
+ modify the User-Agent header, if websites can get all the information they want
+ through JavaScript, ActiveX, Flash, Java etc.
+
+
+ A few browsers disclose the user's email address in certain situations, such
+ as when transferring a file by FTP. Privoxy
+ does not filter FTP. If you need this feature, or are concerned about the
+ mail handler of your browser disclosing your email address, you might
+ consider products such as NSClean.
+
- The old Privoxy (and also
- Junkbuster) used port 8000 by
- default. This has been changed to port 8118 now, due to a conflict
- with NAS (Network Audio Service), which uses port 8000. If you haven't,
- you need to change your browser to the new port number, or alternately
- change Privoxy'slisten-address
- setting in the config file used to start
- Privoxy.
+ Browsers available only as binaries could use non-standard headers to give
+ out any information they can have access to: see the manufacturer's license
+ agreement. It's impossible to anticipate and prevent every breach of privacy
+ that might occur. The professionally paranoid prefer browsers available as
+ source code, because anticipating their behavior is easier. Trust the source,
+ Luke!
-I just added a new rule, but the steenkin ad is
-still getting through. How?
+A test site says I am not using a Proxy.
- If the ad had been displayed before you added its URL, it will probably be
- held in the browser's cache for some time, so it will be displayed without
- the need for any request to the server, and Privoxy
- will not be in the picture. The best thing to do is try flushing the browser's
- caches. And then try again.
+ Good! Actually, they are probably testing for some other kinds of proxies.
+ Hiding yourself completely would require additional steps.
+
+How do I use Privoxy
+ together with Tor?
- If this doesn't help, you probably have an error in the rule you
- applied. Try pasting the full URL of the offending ad into http://config.privoxy.org/show-url-info
- and see if any actions match your new rule.
+ Before you configure Privoxy to use
+ Tor,
+ please follow the User Manual chapters
+ 2. Installation and
+ 5. Startup to make sure
+ Privoxy itself is setup correctly.
+
+
+ If it is, refer to Tor's
+ extensive documentation to learn how to install Tor,
+ and make sure Tor's logfile says that
+ Tor has successfully opened a circuit and it
+ looks like client functionality is working.
+
+
+ If either Tor or Privoxy
+ isn't working, their combination most likely will neither. Testing them on their
+ own will also help you to direct problem reports to the right audience.
+ If Privoxy isn't working, don't bother the
+ Tor developers. If Tor
+ isn't working, don't send bug reports to the Privoxy Team.
+
+
+ If you verified that Privoxy and Tor
+ are working, it is time to connect them. As far as Privoxy
+ is concerned, Tor is just another proxy that can be reached
+ by socks4, socks4a and socks5. Most likely you are interested in Tor
+ to increase your anonymity level, therefore you should use socks5, to make sure DNS
+ requests are done through Tor and thus invisible to your
+ local network. Using socks4a would work too, but with socks5 you get more precise error
+ messages.
+
+ Since Privoxy 3.0.5, its
+ main configuration file
+ is already prepared for Tor, if you are using a
+ default Tor configuration and run it on the same
+ system as &my-app;, you just have to edit the
+ forwarding section
+ and uncomment the line:
+
+
+
+# forward-socks5 / 127.0.0.1:9050 .
+
+
+
+ This is enough to reach the Internet, but additionally you might want to
+ uncomment the following forward rules, to make sure your local network is still
+ reachable through Privoxy:
+
+
+
+# forward 192.168.*.*/ .
+# forward 10.*.*.*/ .
+# forward 127.*.*.*/ .
+
+
+
+ Unencrypted connections to systems in these address ranges will
+ be as (un)secure as the local network is, but the alternative is
+ that your browser can't reach the network at all. Then again,
+ that may actually be desired and if you don't know for sure
+ that your browser has to be able to reach the local network,
+ there's no reason to allow it.
+
+
+ If you want your browser to be able to reach servers in your local
+ network by using their names, you will need additional exceptions
+ that look like this:
+
+
+
+# forward localhost/ .
+
+
+
+ Save the modified configuration file and open
+ http://config.privoxy.org/show-status
+ in your browser, confirm that Privoxy has reloaded its configuration
+ and that there are no other forward lines, unless you know that you need them. If everything looks good,
+ refer to
+ Tor
+ Faq 4.2 to learn how to verify that you are really using Tor.
+
+
+ Afterward, please take the time to at least skim through the rest
+ of Tor's documentation. Make sure you understand
+ what Tor does, why it is no replacement for
+ application level security, and why you probably don't want to
+ use it for unencrypted logins.
+
-One of my favorite sites does not work with Privoxy.
-What can I do?
+Might some things break because header information or
+content is being altered?
- First verify that it is indeed a Privoxy problem,
- by disabling Privoxy filtering and blocking.
- Go to http://p.p/ and click on
- Toggle Privoxy On or Off, then disable it. Now try that
- page again. It's probably a good idea to flush the browser cache as well.
+ Definitely. It is common for sites to use browser type, browser version,
+ HTTP header content, and various other techniques in order to dynamically
+ decide what to display and how to display it. What you see, and what I see,
+ might be very different. There are many, many ways that this can be handled,
+ so having hard and fast rules, is tricky.
- If still a problem, go to Show which actions apply to a URL and
- why from http://p.p/ and paste
- the full URL of the page in question into the prompt. See which actions are
- being applied to the URL. Now, armed with this information, go to Edit
- the actions list. Here you should see various sections that have
- various Privoxy features disabled for specific
- sites. Most disabled actions will have a - (minus
- sign) in front of them. Some aliases are used just to disable other actions,
- e.g. shop and fragile, and won't necessarily
- use a + or - sign. Add your problem page
- URL to one of these sections that looks like it is disabling the feature that
- is causing the problem. Rember to flush your browser's caches when making
- such changes! As a last resort, try fragile which
- disables most actions. Now re-try the page. There might be some trial and
- error involved. This is discussed in a little more detail in the user-manual appendix.
-
+ The User-Agent is sometimes used in this way to identify
+ the browser, and adjust content accordingly.
- Alternately, if you are comfortable with a text editor, you can accomplish
- the same thing by editing the appropriate actions file.
+ Also, different browsers use different encodings of non-English
+ characters, certain web servers convert pages on-the-fly according to the
+ User Agent header. Giving a User Agent with the wrong
+ operating system or browser manufacturer causes some sites in these languages
+ to be garbled; Surfers to Eastern European sites should change it to
+ something closer. And then some page access counters work by looking at the
+ Referer header; they may fail or break if unavailable. The
+ weather maps of Intellicast have been blocked by their server when no
+ Referer or cookie is provided, is another example. (But you
+ can forge both headers without giving information away). There are
+ many other ways things can go wrong when trying to fool a web server. The
+ results of which could inadvertently cause pages to load incorrectly,
+ partially, or even not at all. And there may be no obvious clues as to just
+ what went wrong, or why. Nowhere will there be a message that says
+ Turn off fast-redirects or else!
+
-
-
-
-Where can I get help? Report bugs? Feature Requests? Etc?
- Feedback is encouraged, whether good, bad or ugly. Please see the contact
- page in the user-manual for
- details.
+ Similar thoughts apply to modifying JavaScript, and, to a lesser degree,
+ HTML elements.
+
+
+ If you have problems with a site, you will have to adjust your configuration
+ accordingly. Cookies are probably the most likely adjustment that may
+ be required, but by no means the only one.
+
-What time is it?
+Can Privoxy act as a caching proxy to
+speed up web browsing?
- Time for you to go!
+ No, it does not have this ability at all. You want something like
+ Squid or
+ Polipo for this.
+ And, yes, before you ask, Privoxy can co-exist
+ with other kinds of proxies like Squid.
+ See the forwarding
+ chapter in the user
+ manual for details.
-
-
-
-
-
-
-
-
-
+
+ But, this would consume considerably more CPU resources (IOW, slow things
+ down), would likely destroy the layout of some web pages which rely on the
+ banners utilizing a certain amount of page space, and might fail in other
+ cases, where the screen space is reserved (e.g. by HTML tables for instance).
+ Also, making ads and banners disappear without any trace complicates
+ troubleshooting, and would sooner or later be problematic.
+
+
+ The better alternative is to instead let them stay, and block the resulting
+ requests for the banners themselves as is now the case. This leaves either
+ empty space, or the familiar checkerboard pattern.
+
+
+ So the developers won't support this in the default configuration, but you
+ can of course define appropriate filters yourself to achieve this.
+
+
-
-
+ &seealso;
+
+
+
+
+
+
+I've noticed that Privoxy changes Microsoft to
+MicroSuck! Why are you manipulating my browsing?
+
+
+ We're not. The text substitutions that you are seeing are disabled
+ in the default configuration as shipped. You have either manually
+ activated the fun filter which
+ is clearly labeled Text replacements for subversive browsing
+ fun! or you are using an older Privoxy version and have implicitly
+ activated it by choosing the Advanced profile in the
+ web-based editor. Please upgrade.
+
+
+
+
+Does Privoxy produce valid HTML (or XHTML)?
+
+
+ Privoxy generates HTML in both its own templates, and possibly
+ whenever there are text substitutions via a &my-app; filter. While this
+ should always conform to the HTML 4.01 specifications, it has not been
+ validated against this or any other standard.
+
+
+
+
+How did you manage to get Privoxy on my computer without my consent?
+
+
+ We didn't. We make Privoxy available for download, but we don't go
+ around installing it on other people's systems behind their back.
+ If you discover Privoxy running on your system and are sure you didn't
+ install it yourself, somebody else did. You may not even be running
+ the real Privoxy, but maybe something else that only pretends to be
+ Privoxy, or maybe something that is based on the real Privoxy,
+ but has been modified.
+
+
+ Lately there have been reports of problems with some kind of
+ Privoxy versions that come preinstalled on some Netbooks.
+ Some of the problems described are inconsistent with the behaviour
+ of official Privoxy versions, which suggests that the preinstalled
+ software may contain vendor modifications that we don't know about
+ and thus can't debug.
+
+
+ Privoxy's license allows vendor
+ modifications, but the vendor has to comply with the license,
+ which involves informing the user about the changes and to make
+ the changes available under the same license as Privoxy itself.
+
+
+ If you are having trouble with a modified Privoxy version,
+ please try to talk to whoever made the modifications before
+ reporting the problem to us. Please also try to convince
+ whoever made the modifications to talk to us. If you think
+ somebody gave you a modified Privoxy version without complying
+ to the license, please let us know.
+
+
+
+
+
+
+
+
+
+
+Troubleshooting
+
+
+I cannot connect to any websites. Or, I am getting
+connection refused message with every web page. Why?
+
+ There are several possibilities:
+
+
+
+
+Privoxy is not running. Solution: verify
+ that &my-app; is installed correctly, has not crashed, and is indeed running.
+ Turn on Privoxy's logging, and look at the logs to see what they say.
+
+ Or your browser is configured for a different port than what
+ Privoxy is using. Solution: verify that &my-app;
+ and your browser are set to the same port (listen-address).
+
+ Or if using a forwarding rule, you have a configuration problem or a
+ problem with a host in the forwarding chain. Solution: temporarily alter your
+ configuration and take the forwarders out of the equation.
+
+
+ Or you have a firewall that is interfering and blocking you. Solution:
+ try disabling or removing the firewall as a simple test.
+
+
+
+
+
+
+
+
+Why am I getting a 503 Error (WSAECONNREFUSED) on every page?
+
+ More than likely this is a problem with your TCP/IP networking. ZoneAlarm has
+ been reported to cause this symptom -- even if not running! The solution is
+ to either fight the ZA configuration, or uninstall ZoneAlarm, and then find
+ something better behaved in its place. Other personal firewall type products
+ may cause similar type problems if not configured correctly.
+
+
+
+
+I just added a new rule, but the steenkin ad is
+still getting through. How?
+
+ If the ad had been displayed before you added its URL, it will probably be
+ held in the browser's cache for some time, so it will be displayed without
+ the need for any request to the server, and Privoxy
+ will not be involved. Flush the browser's caches, and then try again.
+
+
+
+ If this doesn't help, you probably have an error in the rule you
+ applied. Try pasting the full URL of the offending ad into http://config.privoxy.org/show-url-info
+ and see if it really matches your new rule. Blocking ads is like blocking
+ spam: a lot of tinkering is required to stay ahead of the game. And
+ remember you need to block the URL of the ad in question, which may be
+ entirely different from the site URL itself. Most ads are hosted on different
+ servers than the main site itself. If you right-click on the ad, you should
+ be able to get all the relevant information you need. Alternately, you can
+ find the correct URL by looking at Privoxy's logs
+ (you may need to enable logging in the main config file if its disabled).
+
+
+ Below is a slightly modified real-life log snippet that originates with one
+ requested URL: www.example.com (name of site was changed
+ for this example, the number of requests is real). You can see in this the
+ complexity of what goes into making up this one page. There
+ are eight different domains involved here, with thirty two separate URLs
+ requested in all, making up all manner of images, Shockwave Flash,
+ JavaScript, CSS stylesheets, scripts, and other related content. Some of this
+ content is obviously good or bad, but not all.
+ Many of the more questionable looking requests, are going to outside domains
+ that seem to be identifying themselves with suspicious looking names, making
+ our job a little easier. &my-app; has crunched (meaning caught
+ and BLOCKED) quite a few items in this example, but perhaps missed a few as well.
+
+
+
+
+
+
+
+ Despite 12 out of 32 requests being blocked, the page looked, and seemed to
+ behave perfectly normal (minus some ads, of course).
+
+
+
+
+
+One of my favorite sites does not work with Privoxy.
+What can I do?
+
+
+ First verify that it is indeed a Privoxy problem,
+ by toggling off Privoxy through http://config.privoxy.org/toggle
+ (the toggle feature may need to be enabled in the main
+ config),
+ and then shift-reloading the problem page (i.e. holding down the shift key
+ while clicking reload. Alternatively, flush your browser's disk and memory
+ caches).
+
+
+
+ If the problem went away, we know we have a configuration related problem.
+ Now go to http://config.privoxy.org/show-url-info
+ and paste the full URL of the page in question into the prompt. See which
+ actions are being applied to the URL, and which matches in which actions
+ files are responsible for that. It might be helpful also to look at your logs
+ for this site too, to see what else might be happening (note: logging may need
+ to be enabled in the main config file). Many sites are
+ complex and require a number of related pages to help present their content.
+ Look at what else might be used by the page in question, and what of that
+ might be required.
+ Now, armed with this information, go to
+ http://config.privoxy.org/show-status
+ and select the appropriate actions files for editing.
+
+ You can now either look for a section which disables the actions that
+ you suspect to cause the problem and add a pattern for your site there,
+ or make up a completely new section for your site. In any case, the recommended
+ way is to disable only the prime suspect, reload the problem page, and only
+ if the problem persists, disable more and more actions until you have
+ identified the culprit. You may or may not want to turn the other actions
+ on again. Remember to flush your browser's caches in between any such changes!
+
+
+ Alternately, if you are comfortable with a text editor, you can accomplish
+ the same thing by editing the appropriate actions file. Probably the easiest
+ way to deal with such problems when editing by hand is to add your
+ site to a { fragile } section in user.action,
+ which is an alias that turns off most dangerous
+ actions, but is also likely to turn off more actions then needed, and thus lower
+ your privacy and protection more than necessary,
+
+
+ Troubleshooting actions is discussed in more detail in the User Manual appendix,
+ Troubleshooting: the Anatomy of an Action.
+ There is also an actions tutorial
+ with general configuration information and examples.
+
+
+ As a last resort, you can always see if your browser has a setting that will
+ bypass the proxy setting for selective sites. Modern browsers can do this.
+
+
+
+
+
+
+
+After installing Privoxy, I have to log in
+every time I start IE. What gives?
+
+
+ This is a quirk that effects the installation of
+ Privoxy, in conjunction with Internet Explorer and
+ Internet Connection Sharing on Windows 2000 and Windows XP. The symptoms may
+ appear to be corrupted or invalid DUN settings, or passwords.
+
+
+
+ When setting up an NT based Windows system with
+ Privoxy you may find that things do not seem to be
+ doing what you expect. When you set your system up you will probably have set
+ up Internet Connection Sharing (ICS) with Dial up Networking (DUN) when
+ logged in with administrator privileges. You will probably have made this DUN
+ connection available to other accounts that you may have set-up on your
+ system. E.g. Mum or Dad sets up the system and makes accounts suitably
+ configured for the kids.
+
+
+
+ When setting up Privoxy in this environment you
+ will have to alter the proxy set-up of Internet Explorer (IE) for the
+ specific DUN connection on which you wish to use
+ Privoxy. When you do this the ICS DUN set-up
+ becomes user specific. In this instance you will see no difference if you
+ change the DUN connection under the account used to set-up the connection.
+ However when you do this from another user you will notice that the DUN
+ connection changes to make available to "Me only". You will also find that
+ you have to store the password under each different user!
+
+
+
+ The reason for this is that each user's set-up for IE is user specific. Each
+ set-up DUN connection and each LAN connection in IE store the settings for
+ each user individually. As such this enforces individual configurations
+ rather than common ones. Hence the first time you use a DUN connection after
+ re-booting your system it may not perform as you expect, and prompt you for
+ the password. Just set and save the password again and all should be OK.
+
+
+
+[Thanks to Ray Griffith for this submission.]
+
+
+
+
+
+
+I cannot connect to any FTP sites. Privoxy
+ is blocking me.
+
+ Privoxy cannot act as a proxy for FTP traffic,
+ so do not configure your browser to use Privoxy
+ as an FTP proxy. The same is true for any protocol other than HTTP
+ or HTTPS (SSL).
+
+
+ Most browsers understand FTP as well as HTTP. If you connect to a site, with
+ a URL like ftp://ftp.example.com, your browser is making
+ an FTP connection, and not a HTTP connection. So while your browser may
+ speak FTP, Privoxy does not, and cannot proxy
+ such traffic.
+
+
+ To complicate matters, some systems may have a generic proxy
+ setting, which will enable various protocols, including
+ both HTTP and FTP proxying! So it is possible to
+ accidentally enable FTP proxying in these cases. And of course, if this
+ happens, Privoxy will indeed cause problems since
+ it does not know FTP. Just disable the FTP setting
+ and all will be well again.
+
+
+ Will Privoxy ever proxy FTP traffic? Unlikely.
+ There just is not much reason, and the work to make this happen is more than
+ it may seem.
+
+
+
+
+
+In Mac OS X, I can't configure Microsoft Internet Explorer to use
+ Privoxy as the HTTP proxy.
+
+ Microsoft Internet Explorer (in versions like 5.1) respects system-wide
+ network settings. In order to change the HTTP proxy, open System
+ Preferences, and click on the Network icon. In the settings pane that
+ comes up, click on the Proxies tab. Ensure the "Web Proxy (HTTP)" checkbox
+ is checked and enter 127.0.0.1 in the entry field.
+ Enter 8118 in the Port field. The next time you start
+ IE, it should reflect these values.
+
+
+
+
+
+In Mac OS X, I dragged the Privoxy folder to the trash in order to
+ uninstall it. Now the finder tells me I don't have sufficient privileges to
+ empty the trash.
+
+ Note: This ONLY applies to privoxy 3.0.6 and earlier.
+
+
+ Just dragging the Privoxy folder to the trash is
+ not enough to delete it. Privoxy supplies an
+ uninstall.command file that takes care of
+ these details. Open the trash, drag the uninstall.command
+ file out of the trash and double-click on it. You will be prompted for
+ confirmation and the administration password.
+
+
+ The trash may still appear full after this command; emptying the trash
+ from the desktop should make it appear empty again.
+
+
+
+
+
+
+In Mac OS X Panther (10.3), images often fail to load and/or I
+ experience random delays in page loading. I'm using
+ localhost as my browser's proxy setting.
+
+ We believe this is due to an IPv6-related bug in Mac OS X, but don't fully
+ understand the issue yet. In any case, changing the proxy setting to
+ 127.0.0.1 instead of localhost
+ works around the problem.
+
+
+
+
+
+
+I get a completely blank page at one site. View Source
+ shows only: