How much of an impact depends on many things, including the CPU of the host - system, how agressive the configuration is, which specific actions are being triggered, etc.
Overall, it should not slow you down any in real terms, and may actually help - speed things up since ads, banners and other junk are not typically being displayed. - The actual processing time required by Privoxy - itself for each page, is relatively small in the overall scheme of things, - and happens very quickly. This is typically more than offset by time saved - not downloading and rendering ad images (if ad blocking is being used).
itself for each page, is relatively small + in the overall scheme of things, and happens very quickly. This is typically + more than offset by time saved not downloading and rendering ad images and + other junk content (if ad blocking is being used).deanimate-gifs - actions will cause a perceived slowdown, since the entire document needs to be buffered - before displaying. On very large documents, there may be some impact. How - much depends on the page size, the actual definition of the filter(s), etc. See below. - Most other actions have little to no impact on speed.
Also, when filtering is enabled but zlib support isn't available, compression + is often disabled (see prevent-compression). + This can have an impact on speed as well, although it's probably smaller than + you might think. Again, the page size, etc. will determine how much of an impact.
If you use any
Filtering is automatically disabled for inappropriate MIME types. But note @@ -172,26 +185,7 @@ CLASS="APPLICATION" > only knows how to differentiate filterable content because of the MIME type as reported by the server, or because of some configuration setting that enables/disables - filtering.
This should not happen, and for the overwhelming number of users world-wide, - it does not happen. I would suspect some inadvertent interaction of software - components such as anti-virus software, spyware protectors, personal - firewalls or similar components. Try disabling (or uninstalling) these one - at a time and see if that helps.
web site at config.privoxy.org.
With recent versions of Privoxy (version 2.9.x and - later), the user interface features information on the run time status, the - configuration, and even a built-in editor for the actions files.
Note that the built-in URLs from earlier versions of Junkbuster - / Privoxy, http://example.com/show-proxy-args and http://i.j.b/, - are no longer supported. If you still use such an old version, you should really consider - upgrading to 3.0.4.
Please see the Whether such submissions are eventually included in the
+ default.action configuration file depends on how
+ significant the issue is. We of course want to address any potential
+ problem with major, high-profile sites such as Google,
+ Yahoo, etc. Any site with global or regional reach,
+ has a good chance of being a candidate. But at the other end of the spectrum
+ are any number of smaller, low-profile sites such as for local clubs or
+ schools. Since their reach and impact are much less, they are best handled by
+ inclusion in the user's user.action, and thus would be
+ unlikely to be included. 4.5. If I do submit missed ads, will
+they be included in future updates?
Rest assured that it has been read and considered. Why it is not answered, could be for various reasons, including no one has a good answer for it, no -one has had time to yet investigate it thorougly, it has been reported +one has had time to yet investigate it thoroughly, it has been reported numerous times already, or because not enough information was provided to help us help you. Your efforts are not wasted, and we do appreciate them.
If you run both the browser and the proxy locally, you cannot hide your IP +> If you run both the browser and Privoxy locally, you cannot hide your IP address with Privoxy or ultimately any other - software. The server needs to know your IP address to send the answers back - to you.
Fortunately there are many publicly usable anonymous proxies out there, which - solve the problem by providing a further level of indirection between you and - the web server, shared by many people, and thus letting your requests "drown" - in white noise of unrelated requests as far as user tracking is concerned.
There are many publicly usable "anonymous" proxies out there, which + provide a further level of indirection between you and the web server.Most of them will, however, log your IP address and make it available to the - authorities in case you abuse that anonymity for criminal purposes. In fact +> However, these proxies are called "anonymous" because you don't need + to authenticate, not because they would offer any real anonymity. + Most of them will log your IP address and make it available to the + authorities in case you violate the law of the country they run in. In fact you can't even rule out that some of them only exist to *collect* information on (those suspicious) people with a more than average preference for privacy.
You can find a list of anonymous public proxies at If you want to hide your IP address from most adversaries, + you should consider chaining Privoxy + with multiproxy.org and many - more through Google. A particularly interesting project is the JAP service - offered by the Technical University of Dresden (Tor. + The configuration details can be found in + http://anon.inf.tu-dresden.de/index_en.html).
There is, however, even in the single-machine case the possibility to make the - server believe that your machine is in fact a shared proxy serving a large - LAN, and we are looking into that.
How do I use Privoxy together + with Tor section + just below. No. Your chances of remaining anonymous are improved, but unless you
+ chain Privoxy guarantee I am anonymous? No. Your chances of remaining anonymous are greatly improved, but unless you
- are an expert on Internet security it would be safest to assume that
- everything you do on the Web can be traced back to you.
you more freedom to decide which sites - you can trust, and what details you want to reveal. But it's still possible - that web sites can find out who you are. Here's one way this can happen.
more freedom to decide which sites + you can trust, and what details you want to reveal. But it neither + hides your IP address, nor can it guarantee that the rest of the system + behaves correctly. There are several possibilities how a web sites can find + out who you are, even if you are using a strict Privoxy + configuration and chained it with Tor.Most of Privoxy's privacy-enhancing features can be easily subverted + by an insecure browser configuration, therefore you should use a browser that can + be configured to only execute code from trusted sites, and be careful which sites you trust. + For example there is no point in having Privoxy + modify the User-Agent header, if websites can get all the information they want + through JavaScript, ActiveX, Flash, Java etc.
A few browsers disclose the user's email address in certain situations, such
as when transferring a file by FTP. Good! Actually, they are probably testing for some other kinds of proxies.
+ Hiding yourself completely would require additional steps.4.9. Might some things break because header information or
-content is being altered?
4.9. A test site says I am not using a Proxy.
Before you configure Privoxy to use + Tor, + please follow the User Manual chapters + 2. Installation and + 5. Startup to make sure + Privoxy itself is setup correctly.
+ If it is, refer to Tor's + extensive documentation to learn how to install Tor, + and make sure Tor's logfile says that + "Tor has successfully opened a circuit" and it + "looks like client functionality is working".
If either Tor or Privoxy + isn't working, their combination most likely will neither. Testing them on their + own will also help you to direct problem reports to the right audience. + If Privoxy isn't working, don't bother the + Tor developers. If Tor + isn't working, don't send bug reports to the Privoxy Team.
Definitely. More and more sites use HTTP header content to decide what to - display and how to display it. There is many ways that this can be handled, +> If you verified that Privoxy and Tor + are working, it is time to connect them. As far as Privoxy + is concerned, Tor is just another proxy that can be reached + by socks4 or socks4a. Most likely you are interested in Tor + to increase your anonymity level, therefore you should use socks4a, to make sure DNS requests are + done through Tor and thus invisible to your local network.
Since Privoxy 3.0.5, its + main configuration file + is already prepared for Tor, if you are using a + default Tor configuration and run it on the same + system as Privoxy, you just have to edit the + forwarding section + and uncomment the line:
# forward-socks4a / 127.0.0.1:9050 . + |
This is enough to reach the Internet, but additionally you might want to + uncomment the following forward rules, to make sure your local network is still + reachable through Privoxy:
# forward 192.168.*.*/ . +# forward 10.*.*.*/ . +# forward 127.*.*.*/ . + |
Unencrypted connections to systems in these address ranges will + be as (un)secure as the local network is, but the alternative is + that your browser can't reach the network at all. Then again, + that may actually be desired and if you don't know for sure + that your browser has to be able to reach the local network, + there's no reason to allow it.
If you want your browser to be able to reach servers in your local + network by using their names, you will need additional exceptions + that look like this:
# forward localhost/ . + |
Save the modified configuration file and open + http://config.privoxy.org/show-status/ + in your browser, confirm that Privoxy has reloaded its configuration + and that there are no other forward lines, unless you know that you need them. If everything looks good, + refer to + Tor + Faq 4.2 to learn how to verify that you are really using Tor.
Afterward, please take the time to at least skim through the rest + of Tor's documentation. Make sure you understand + what Tor does, why it is no replacement for + application level security, and why you probably don't want to + use it for unencrypted logins.
Definitely. It is common for sites to use browser type, browser version, + HTTP header content, and various other techniques in order to dynamically + decide what to display and how to display it. What you see, and what I see, + might be very different. There are many, many ways that this can be handled, so having hard and fast rules, is tricky.
The "User-Agent" in particular is often used in this way to identify - the browser, and adjust content accordingly. Changing this now (at least not - further than removing the OS information) is not recommended, since so many - sites do look for it. You may get undesirable results by changing this.
is sometimes used in this way to identify + the browser, and adjust content accordingly.For instance, different browsers use different encodings of Russian and Czech +> Also, different browsers use different encodings of non-English characters, certain web servers convert pages on-the-fly according to the User Agent header. Giving a "Referer" or cookie is provided, is another example. (But you can forge both headers without giving information away). There are - many other ways things can go wrong when trying to fool a web server.
"Turn off fast-redirects or else! + "Similar thoughts apply to modifying JavaScript, and, to a lesser degree, HTML elements.
No, it does not have this ability at all. You want something like
Squid for this. And, yes,
- before you ask, or
+ Polipo for this.
+ And, yes, before you ask, Privoxy can co-exist
@@ -498,20 +812,17 @@ CLASS="SECT2"
> Not in the way you mean, or in the way a true firewall can.
+> Not in the way you mean, or in the way some firewall vendors claim they can.
Privoxy can help protect your privacy, but not
- protect you from intrusion attempts. It is, of course, perfectly possible
- and recommended to use can help protect your privacy, but can't
+ protect your system from intrusion attempts. It is, of course, perfectly possible
+ to use It would be technically possible eliminate the banners in a way that frees
- their screen estate in many cases, by doing all banner blocking with filters,
- i.e. eliminating the whole image references from the HTML pages instead
- of letting them stay in, and blocking the resulting requests for the
- banners themselves. But this would consume considerable CPU resources, would likely destroy
- the layout of many web pages which rely on the banners consuming a certain
- amount of screen space, and would fail in other cases, where the screen space
- is reserved e.g. by tables anyway. Also, making the banners disappear without
- a visual trace complicates troubleshooting. So we won't support this in the default configuration, but you can of course
- define appropriate filters yourself. It is technically possible to eliminate banners and ads in a way that frees
+ their allocated page space. This could easily be done by blocking with
+ Privoxy's filters,
+ and eliminating the entire image references from the
+ HTML page source. But, this would consume considerably more CPU resources (IOW, slow things
+ down), would likely destroy the layout of some web pages which rely on the
+ banners utilizing a certain amount of page space, and might fail in other
+ cases, where the screen space is reserved (e.g. by HTML tables for instance).
+ Also, making ads and banners disappear without any trace complicates
+ troubleshooting, and would sooner or later be problematic. The better alternative is to instead let them stay, and block the resulting
+ requests for the banners themselves as is now the case. This leaves either
+ empty space, or the familiar checkerboard pattern. So the developers won't support this in the default configuration, but you
+ can of course define appropriate filters yourself to achieve this.4.11. What about as a firewall? Can Privoxy protect me?
4.13. What about as a firewall? Can Privoxy protect me?4.12. I have large empty spaces / a checkerboard pattern now where
-ads used to be. Why?
Since secure HTTP connections are encrypted SSL sessions between your browser
and the secure site, and are meant to be reliably There are no known exploits that might affect
- Privoxy. On Unix-like systems,
- On Unix-like systems, Privoxy can run as a non-privileged
- user, which is how we recommend it be run. Also, by default
+ user, which is how we recommend it be run. Also, by default
Privoxy only listens to requests
- from listens to requests from "localhost" only. The server aspect of
-
+ only. The server aspect of Privoxy is not itself directly exposed to the
- Internet in this configuration. If you want to have
+> is not itself directly
+ exposed to the Internet in this configuration. If you want to have
Privoxy4.15. How can I temporarily disable Privoxy?4.17. Can I temporarily disable Privoxy? The easiest way is to access Privoxy with your
- browser by using the remote toggle URL: doesn't have a transparent proxy mode,
+ but you can toggle off blocking and content filtering. The easiest way to do that is to point your browser
+ to the remote toggle URL: http://config.privoxy.org/toggle.
- See the . See the Bookmarklets sectionUser Manual for an easy way to access this
- feature.4.14. Privoxy runs as a 4.16. Privoxy runs as a "server". How
-secure is it? Do I need to take any special precautions?
No, this just means all filtering and actions are disabled. +> No, this just means all optional filtering and actions are disabled. Privoxy is still acting as a proxy, but just not - doing any of the things that is still acting as a proxy, but just + doing less of the things that Privoxy would @@ -728,26 +1045,40 @@ CLASS="APPLICATION" CLASS="QUOTE" >"middle-man" in - the interaction between your browser and web sites.
Bypassing a proxy, or proxying based on arbitrary criteria, is purely a browser + configuration issue, not a Privoxy issue. Modern browsers typically do have + settings for not proxying certain sites. Check your browser's help files.
A "crunch".
Since version 3.0.7, Privoxy will also log the crunch reason. + If you are using an older version you might want to upgrade.
From the webserver's perspective, there is no difference between
viewing a document (i.e. a page), and downloading a file. The same is true of
@@ -815,7 +1146,7 @@ TARGET="_top"
> Filtering is potentially more of a concern since the results are not always
so obvious, and the effects of filtering are there whether the file is simply
viewed, or downloaded. And potentially whether the content is some obnoxious
- advertizement, or Mr. Jimmy's latest/greatest source code jewel. Of course,
+ advertisement, or Mr. Jimmy's latest/greatest source code jewel. Of course,
one of these presumably is "bad" knows the differences in files according
to the "Document Type""Content Type" as reported by the webserver. If this is
reported accurately (e.g. Note that versions later than 3.0.2 do NOT filter document types of
+> Note that versions later than 3.0.2 do NOT filter document types reported as
"text/plain" In short, filtering is "ON" if a) the Document Type as reported
+> if a) the content type as reported
by the webserver is appropriate "bad". It's the configuration that let's it all happen or not.
If you download text files, you probably do not want these to be filtered, particularly if the content is source code, or other critical content. Source @@ -923,7 +1254,7 @@ CLASS="EMPHASIS" CLASS="APPLICATION" >Privoxy does not do FTP at all, only HTTP - protocols, so please don't even try.
Please read above.
One time-tested technique to defeat common ads is to trick the local DNS + system by giving a phony IP address for the ad generator in the local + HOSTS file, typically using 127.0.0.1, aka + localhost. This effectively blocks the ad.
There is no reason to use this technique in conjunction with + Privoxy. Privoxy -and related issues?HOSTS file, in fact, not only + duplicates effort, but may get in the way and seriously slow down your system. + It is recommended to remove such entries from your HOSTS file. If you think + your hosts list is neglected by Privoxy's + configuration, consider adding your list to your user.action file:
{ +block }
+ www.ad.example1.com
+ ad.example2.com
+ ads.galore.example.com
+ etc.example.com |
Other references and sites of interest to We're not. The text substitutions that you are seeing are disabled
in the default configuration as shipped. You have either manually
@@ -1221,15 +1669,35 @@ CLASS="LITERAL"
CLASS="QUOTE"
>"Text replacements for subversive browsing
fun!" Privoxy generates HTML in both its own "templates", and possibly
+ whenever there are text substitutions via a Advanced profile). http://www.privoxy.org/actions/http://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit "misses" to the developers.
+> and other
+ configuration related suggestions to the developers.
+ http://privacy.net/analyze/http://privacy.net/, a useful site
to check what information about you is leaked while you browse the web.
http://www.squid-cache.org/, a very popular
+>, a popular
caching proxy, which is often used together with Privoxy http://www.pps.jussieu.fr/~jch/software/polipo/,
+ Polipo is a caching proxy with advanced features
+ like pipelining, multiplexing and caching of partial instances. In many setups
+ it can be used as Squid replacement.
+
+ http://tor.eff.org/,
+ Tor can help anonymize web browsing,
+ web publishing, instant messaging, IRC, SSH, and other applications.
+ http://www.privoxy.org/developer-manual/4.21. I've noticed that Privoxy changes 4.25. I've noticed that Privoxy changes "Microsoft" to
"MicroSuck"! Why are you manipulating my browsing?! Why are you manipulating my browsing? 4.26. Does Privoxy produce "valid" HTML (or XHTML)?