| - Privoxy Frequently Asked Questions - | +
+ + # forward-socks5t / 127.0.0.1:9050 . ++ |
||
|---|---|---|---|
Note that if you got Tor through one of the bundles, you may have to + change the port from 9050 to 9150 (or even another one). For details, + please check the documentation on the Tor website.
+This is enough to reach the Internet, but additionally you might + want to uncomment the following forward rules, to make sure your local + network is still reachable through Privoxy:
+| - Prev + |
+ # forward 192.168.*.*/ . +# forward 10.*.*.*/ . +# forward 127.*.*.*/ . + |
- + |
Unencrypted connections to systems in these address ranges will be + as (un)secure as the local network is, but the alternative is that your + browser can't reach the network at all. Then again, that may actually + be desired and if you don't know for sure that your browser has to be + able to reach the local network, there's no reason to allow it.
+If you want your browser to be able to reach servers in your local + network by using their names, you will need additional exceptions that + look like this:
+
+ # forward localhost/ . + |
- - Next + |
Save the modified configuration file and open http://config.privoxy.org/show-status in your browser, + confirm that Privoxy has reloaded its + configuration and that there are no other forward lines, unless you + know that you need them. If everything looks good, refer to Tor Faq 4.2 to learn how to verify that you are + really using Tor.
+Afterward, please take the time to at least skim through the rest of + Tor's documentation. Make sure you + understand what Tor does, why it is no + replacement for application level security, and why you probably don't + want to use it for unencrypted logins.
+Definitely. It is common for sites to use browser type, browser + version, HTTP header content, and various other techniques in order to + dynamically decide what to display and how to display it. What you see, + and what I see, might be very different. There are many, many ways that + this can be handled, so having hard and fast rules, is tricky.
+The "User-Agent" is sometimes used in + this way to identify the browser, and adjust content accordingly.
+Also, different browsers use different encodings of non-English + characters, certain web servers convert pages on-the-fly according to + the User Agent header. Giving a "User Agent" + with the wrong operating system or browser manufacturer causes some + sites in these languages to be garbled; Surfers to Eastern European + sites should change it to something closer. And then some page access + counters work by looking at the "Referer" + header; they may fail or break if unavailable. The weather maps of + Intellicast have been blocked by their server when no "Referer" or cookie is provided, is another example. + (But you can forge both headers without giving information away). There + are many other ways things can go wrong when trying to fool a web + server. The results of which could inadvertently cause pages to load + incorrectly, partially, or even not at all. And there may be no obvious + clues as to just what went wrong, or why. Nowhere will there be a + message that says "Turn off fast-redirects or + else! "
+Similar thoughts apply to modifying JavaScript, and, to a lesser + degree, HTML elements.
+If you have problems with a site, you will have to adjust your + configuration accordingly. Cookies are probably the most likely + adjustment that may be required, but by no means the only one.
+No, it does not have this ability at all. You want something like + Squid or + Polipo for this. And, yes, before you ask, Privoxy can co-exist with other kinds of proxies + like Squid. See the forwarding + chapter in the user manual for details.
+Not in the way you mean, or in the way some firewall vendors claim + they can. Privoxy can help protect + your privacy, but can't protect your system from intrusion attempts. It + is, of course, perfectly possible to use both.
+It is technically possible to eliminate banners and ads in a way + that frees their allocated page space. This could easily be done by + blocking with Privoxy's filters, and + eliminating the entire image references from the HTML page + source.
+But, this would consume considerably more CPU resources (IOW, slow + things down), would likely destroy the layout of some web pages which + rely on the banners utilizing a certain amount of page space, and might + fail in other cases, where the screen space is reserved (e.g. by HTML + tables for instance). Also, making ads and banners disappear without + any trace complicates troubleshooting, and would sooner or later be + problematic.
+The better alternative is to instead let them stay, and block the + resulting requests for the banners themselves as is now the case. This + leaves either empty space, or the familiar checkerboard pattern.
+So the developers won't support this in the default configuration, + but you can of course define appropriate filters yourself to achieve + this.
+Since secure HTTP connections are encrypted SSL sessions between + your browser and the secure site, and are meant to be reliably + secure, there is + little that Privoxy can do but hand + the raw gibberish data though from one end to the other + unprocessed.
+The only exception to this is blocking by host patterns, as the + client needs to tell Privoxy the name + of the remote server, so that Privoxy + can establish the connection. If that name matches a host-only pattern, + the connection will be blocked.
+As far as ad blocking is concerned, this is less of a restriction + than it may seem, since ad sources are often identifiable by the host + name, and often the banners to be placed in an encrypted page come + unencrypted nonetheless for efficiency reasons, which exposes them to + the full power of Privoxy's ad + blocking.
+"Content cookies" (those that are + embedded in the actual HTML or JS page content, see filter{content-cookies}), in an SSL transaction will be + impossible to block under these conditions. Fortunately, this does not + seem to be a very common scenario since most cookies come by + traditional means.
+On Unix-like systems, Privoxy can + run as a non-privileged user, which is how we recommend it be run. + Also, by default Privoxy listens to + requests from "localhost" only.
+The server aspect of Privoxy is not + itself directly exposed to the Internet in this configuration. If you + want to have Privoxy serve as a LAN + proxy, this will have to be opened up to allow for LAN requests. In + this case, we'd recommend you specify only the LAN gateway address, + e.g. 192.168.1.1, in the main Privoxy + configuration file and check all access + control and security options. All LAN hosts can then use this as + their proxy address in the browser proxy configuration, but + Privoxy will not listen on any + external interfaces. ACLs can be defined in addition, and using a + firewall is always good too. Better safe than sorry.
+Privoxy doesn't have a transparent + proxy mode, but you can toggle off blocking and content filtering.
+The easiest way to do that is to point your browser to the remote + toggle URL: http://config.privoxy.org/toggle.
+See the Bookmarklets section of the User + Manual for an easy way to access this feature. Note that this is a + feature that may need to be enabled in the main config file.
+No, this just means all optional filtering and actions are disabled. + Privoxy is still acting as a proxy, + but just doing less of the things that Privoxy would normally be expected to do. It is + still a "middle-man" in the interaction + between your browser and web sites. See below to bypass the proxy.
+Bypassing a proxy, or proxying based on arbitrary criteria, is + purely a browser configuration issue, not a Privoxy issue. Modern browsers typically do have + settings for not proxying certain sites. Check your browser's help + files.
+A "crunch" simply means Privoxy intercepted something, nothing more. + Often this is indeed ads or banners, but Privoxy uses the same mechanism for trapping + requests for its own internal pages. For instance, a request for + Privoxy's configuration page at: + http://config.privoxy.org, is intercepted (i.e. it does not + go out to the 'net), and the familiar CGI configuration is returned to + the browser, and the log consequently will show a "crunch".
+Since version 3.0.7, Privoxy will also log the crunch reason. If you + are using an older version you might want to upgrade.
+From the webserver's perspective, there is no difference between + viewing a document (i.e. a page), and downloading a file. The same is + true of Privoxy. If there is a match + for a block + pattern, it will still be blocked, and of course this is obvious.
+Filtering is potentially more of a concern since the results are not + always so obvious, and the effects of filtering are there whether the + file is simply viewed, or downloaded. And potentially whether the + content is some obnoxious advertisement, or Mr. Jimmy's latest/greatest + source code jewel. Of course, one of these presumably is "bad" content that we don't want, and the other is + "good" content that we do want. Privoxy is blind to the differences, and can only + distinguish "good from bad" by the + configuration parameters we give it.
+Privoxy knows the differences in + files according to the "Content Type" as + reported by the webserver. If this is reported accurately (e.g. + "application/zip" for a zip archive), then + Privoxy knows to ignore these where + appropriate. Privoxy potentially can + filter HTML as well as plain text documents, subject to configuration + parameters of course. Also, documents that are of an unknown type + (generally assumed to be "text/plain") can + be filtered, as will those that might be incorrectly reported by the + webserver. If such a file is a downloaded file that is intended to be + saved to disk, then any content that might have been altered by + filtering, will be saved too, for these (probably rare) cases.
+Note that versions later than 3.0.2 do NOT filter document types + reported as "text/plain". Prior to this, + Privoxy did filter this document + type.
+In short, filtering is "ON" if a) the + content type as reported by the webserver is appropriate and b) the configuration + allows it (or at least does not disallow it). That's it. There is no + magic cookie anywhere to say this is "good" + and this is "bad". It's the configuration + that lets it all happen or not.
+If you download text files, you probably do not want these to be + filtered, particularly if the content is source code, or other critical + content. Source code sometimes might be mistaken for Javascript (i.e. + the kind that might open a pop-up window). It is recommended to turn + off filtering for download sites (particularly if the content may be + plain text files and you are using version 3.0.2 or earlier) in your + user.action file. And also, for any site or + page where making any changes at all to the content is to be + avoided.
+Privoxy does not do FTP at all, + only HTTP and HTTPS (SSL) protocols.
+Please read above.
+One time-tested technique to defeat common ads is to trick the local + DNS system by giving a phony IP address for the ad generator in the + local HOSTS file, typically using 127.0.0.1, aka localhost. This + effectively blocks the ad.
+There is no reason to use this technique in conjunction with + Privoxy. Privoxy does essentially the same thing, much more + elegantly and with much more flexibility. A large HOSTS file, in fact, not only duplicates effort, but + may get in the way and seriously slow down your system. It is + recommended to remove such entries from your HOSTS file. If you think your hosts list is neglected + by Privoxy's configuration, consider + adding your list to your user.action + file:
+
+ { +block }
+ www.ad.example1.com
+ ad.example2.com
+ ads.galore.example.com
+ etc.example.com
|
- How much of an impact depends on many things, including the CPU of - the host system, how aggressive the configuration is, which - specific actions are being triggered, the size of the page, the - bandwidth of the connection, etc. -
-- Overall, it should not slow you down any in real terms, and may - actually help speed things up since ads, banners and other junk are - not typically being retrieved and displayed. The actual processing - time required by Privoxy itself - for each page, is relatively small in the overall scheme of things, - and happens very quickly. This is typically more than offset by - time saved not downloading and rendering ad images and other junk - content (if ad blocking is being used). -
-- "Filtering" content via the filter or deanimate-gifs actions may cause a perceived - slowdown, since the entire document needs to be buffered before - displaying. And on very large documents, filtering may have some - measurable impact. How much depends on the page size, the actual - definition of the filter(s), etc. See below. Most other actions - have little to no impact on speed. -
-- Also, when filtering is enabled but zlib support isn't available, - compression is often disabled (see prevent-compression). This can have an impact on speed - as well, although it's probably smaller than you might think. - Again, the page size, etc. will determine how much of an impact. -
-- If you use any filter action, such as filtering banners by size, - web-bugs etc, or the deanimate-gifs action, the entire document must be - loaded into memory in order for the filtering mechanism to work, - and nothing is sent to the browser during this time. -
-- The loading time typically does not really change much in real - numbers, but the feeling is different, because most browsers are - able to start rendering incomplete content, giving the user a - feeling of "it works". This effect is more noticeable on slower - dialup connections. Extremely large documents may have some impact - on the time to load the page where there is filtering being done. - But overall, the difference should be very minimal. If there is a - big impact, then probably some other situation is contributing - (like anti-virus software). -
-- Filtering is automatically disabled for inappropriate MIME types. - But note that if the web server mis-reports the MIME type, then - content that should not be filtered, could be. Privoxy only knows how to differentiate - filterable content because of the MIME type as reported by the - server, or because of some configuration setting that - enables/disables filtering. -
-- http://config.privoxy.org/ is the address of Privoxy's built-in user interface, and - http://p.p/ is a shortcut - for it. -
-- Since Privoxy sits between your - web browser and the Internet, it can simply intercept requests for - these addresses and answer them with its built-in "web server". -
-- This also makes for a good test for your browser configuration: If - entering the URL http://config.privoxy.org/ takes you to a page saying - "This is Privoxy ...", everything is OK. - If you get a page saying "Privoxy is not - working" instead, then your browser didn't use Privoxy for the request, hence it could not be - intercepted, and you have accessed the real web site at config.privoxy.org. -
-- Note that config.privoxy.org resolves to a public IP address. If - you use config.privoxy.org as ping or traceroute target you will - reach the system on the Internet (Privoxy can't intercept ICMP - requests). If you want to ping the system Privoxy runs on, you - should use its IP address or local DNS name (if it has got one). -
-- Please see the Contact section for - various ways to interact with the developers. -
-- Whether such submissions are eventually included in the default.action configuration file depends on how - significant the issue is. We of course want to address any - potential problem with major, high-profile sites such as Google, Yahoo, etc. Any - site with global or regional reach, has a good chance of being a - candidate. But at the other end of the spectrum are any number of - smaller, low-profile sites such as for local clubs or schools. - Since their reach and impact are much less, they are best handled - by inclusion in the user's user.action, - and thus would be unlikely to be included. -
-- Rest assured that it has been read and considered. Why it is not - answered, could be for various reasons, including no one has a good - answer for it, no one has had time to yet investigate it - thoroughly, it has been reported numerous times already, or because - not enough information was provided to help us help you. Your - efforts are not wasted, and we do appreciate them. -
-- If you run both the browser and Privoxy locally, you cannot hide your IP - address with Privoxy or ultimately - any other software alone. The server needs to know your IP address - so that it knows where to send the responses back. -
-- There are many publicly usable "anonymous" proxies out there, which - provide a further level of indirection between you and the web - server. -
-- However, these proxies are called "anonymous" because you don't - need to authenticate, not because they would offer any real - anonymity. Most of them will log your IP address and make it - available to the authorities in case you violate the law of the - country they run in. In fact you can't even rule out that some of - them only exist to *collect* information on (those suspicious) - people with a more than average preference for privacy. -
-- If you want to hide your IP address from most adversaries, you - should consider chaining Privoxy - with Tor. - The configuration details can be found in How do I use Privoxy - together with Tor section just - below. -
-- No. Your chances of remaining anonymous are improved, but unless - you chain Privoxy with Tor or a similar proxy and know what - you're doing when it comes to configuring the rest of your system, - you should assume that everything you do on the Web can be traced - back to you. -
-- Privoxy can remove various - information about you, and allows you more freedom to decide which sites you - can trust, and what details you want to reveal. But it neither - hides your IP address, nor can it guarantee that the rest of the - system behaves correctly. There are several possibilities how a web - sites can find out who you are, even if you are using a strict - Privoxy configuration and chained - it with Tor. -
-- Most of Privoxy's - privacy-enhancing features can be easily subverted by an insecure - browser configuration, therefore you should use a browser that can - be configured to only execute code from trusted sites, and be - careful which sites you trust. For example there is no point in - having Privoxy modify the - User-Agent header, if websites can get all the information they - want through JavaScript, ActiveX, Flash, Java etc. -
-- A few browsers disclose the user's email address in certain - situations, such as when transferring a file by FTP. Privoxy does not filter FTP. If you need this - feature, or are concerned about the mail handler of your browser - disclosing your email address, you might consider products such as - NSClean. -
-- Browsers available only as binaries could use non-standard headers - to give out any information they can have access to: see the - manufacturer's license agreement. It's impossible to anticipate and - prevent every breach of privacy that might occur. The - professionally paranoid prefer browsers available as source code, - because anticipating their behavior is easier. Trust the source, - Luke! -
-- Good! Actually, they are probably testing for some other kinds of - proxies. Hiding yourself completely would require additional steps. -
-- Before you configure Privoxy to - use Tor, - please follow the User Manual chapters 2. - Installation and 5. Startup to make sure Privoxy itself is setup correctly. -
-- If it is, refer to Tor's - extensive documentation to learn how to install Tor, and make sure Tor's logfile says that "Tor has successfully opened a circuit" and it "looks like client functionality is working". -
-- If either Tor or Privoxy isn't working, their combination most - likely will neither. Testing them on their own will also help you - to direct problem reports to the right audience. If Privoxy isn't working, don't bother the Tor developers. If Tor isn't working, don't send bug reports to - the Privoxy Team. -
-- If you verified that Privoxy and - Tor are working, it is time to - connect them. As far as Privoxy is - concerned, Tor is just another - proxy that can be reached by socks4, socks4a and socks5. Most - likely you are interested in Tor - to increase your anonymity level, therefore you should use socks5, - to make sure DNS requests are done through Tor and thus invisible to your local network. - Using socks4a would work too, but with socks5 you get more precise - error messages. -
-- Privoxy's main configuration - file is already prepared for Tor, if you are using a default Tor configuration and run it on the same - system as Privoxy, you just have - to edit the forwarding section and uncomment the line: -
--
-| https://www.privoxy.org/, the Privoxy Home page. | +
--# forward-socks5t / 127.0.0.1:9050 . -- |
+ https://www.privoxy.org/faq/, the Privoxy FAQ. |
- Note that if you got Tor through one of the bundles, you may have - to change the port from 9050 to 9150 (or even another one). For - details, please check the documentation on the Tor website. -
-- This is enough to reach the Internet, but additionally you might - want to uncomment the following forward rules, to make sure your - local network is still reachable through Privoxy: -
--
-
--# forward 192.168.*.*/ . -# forward 10.*.*.*/ . -# forward 127.*.*.*/ . -- |
+ https://www.privoxy.org/developer-manual/, the + Privoxy developer manual. |
- Unencrypted connections to systems in these address ranges will be - as (un)secure as the local network is, but the alternative is that - your browser can't reach the network at all. Then again, that may - actually be desired and if you don't know for sure that your - browser has to be able to reach the local network, there's no - reason to allow it. -
-- If you want your browser to be able to reach servers in your local - network by using their names, you will need additional exceptions - that look like this: -
--
-
--# forward localhost/ . -- |
+ https://sourceforge.net/projects/ijbswa/, the Project + Page for Privoxy on SourceForge. |
- Save the modified configuration file and open http://config.privoxy.org/show-status in your browser, - confirm that Privoxy has reloaded - its configuration and that there are no other forward lines, unless - you know that you need them. If everything looks good, refer to Tor Faq 4.2 to learn how to verify that you are - really using Tor. -
-- Afterward, please take the time to at least skim through the rest - of Tor's documentation. Make sure - you understand what Tor does, why - it is no replacement for application level security, and why you - probably don't want to use it for unencrypted logins. -
-- Definitely. It is common for sites to use browser type, browser - version, HTTP header content, and various other techniques in order - to dynamically decide what to display and how to display it. What - you see, and what I see, might be very different. There are many, - many ways that this can be handled, so having hard and fast rules, - is tricky. -
-- The "User-Agent" is sometimes used in - this way to identify the browser, and adjust content accordingly. -
-- Also, different browsers use different encodings of non-English - characters, certain web servers convert pages on-the-fly according - to the User Agent header. Giving a "User - Agent" with the wrong operating system or browser - manufacturer causes some sites in these languages to be garbled; - Surfers to Eastern European sites should change it to something - closer. And then some page access counters work by looking at the - "Referer" header; they may fail or break - if unavailable. The weather maps of Intellicast have been blocked - by their server when no "Referer" or - cookie is provided, is another example. (But you can forge both - headers without giving information away). There are many other ways - things can go wrong when trying to fool a web server. The results - of which could inadvertently cause pages to load incorrectly, - partially, or even not at all. And there may be no obvious clues as - to just what went wrong, or why. Nowhere will there be a message - that says "Turn off fast-redirects or - else! " -
-- Similar thoughts apply to modifying JavaScript, and, to a lesser - degree, HTML elements. -
-- If you have problems with a site, you will have to adjust your - configuration accordingly. Cookies are probably the most likely - adjustment that may be required, but by no means the only one. -
-- No, it does not have this ability at all. You want something like - Squid or Polipo for this. And, yes, before you ask, Privoxy can co-exist with other kinds of - proxies like Squid. See the forwarding chapter in the user manual for - details. -
-- Not in the way you mean, or in the way some firewall vendors claim - they can. Privoxy can help protect - your privacy, but can't protect your system from intrusion - attempts. It is, of course, perfectly possible to use both. -
-- It is technically possible to eliminate banners and ads in a way - that frees their allocated page space. This could easily be done by - blocking with Privoxy's filters, - and eliminating the entire image references from the HTML page - source. -
-- But, this would consume considerably more CPU resources (IOW, slow - things down), would likely destroy the layout of some web pages - which rely on the banners utilizing a certain amount of page space, - and might fail in other cases, where the screen space is reserved - (e.g. by HTML tables for instance). Also, making ads and banners - disappear without any trace complicates troubleshooting, and would - sooner or later be problematic. -
-- The better alternative is to instead let them stay, and block the - resulting requests for the banners themselves as is now the case. - This leaves either empty space, or the familiar checkerboard - pattern. -
-- So the developers won't support this in the default configuration, - but you can of course define appropriate filters yourself to - achieve this. -
-- Since secure HTTP connections are encrypted SSL sessions between - your browser and the secure site, and are meant to be reliably - secure, there - is little that Privoxy can do but - hand the raw gibberish data though from one end to the other - unprocessed. -
-- The only exception to this is blocking by host patterns, as the - client needs to tell Privoxy the - name of the remote server, so that Privoxy can establish the connection. If that - name matches a host-only pattern, the connection will be blocked. -
-- As far as ad blocking is concerned, this is less of a restriction - than it may seem, since ad sources are often identifiable by the - host name, and often the banners to be placed in an encrypted page - come unencrypted nonetheless for efficiency reasons, which exposes - them to the full power of Privoxy's ad blocking. -
-- "Content cookies" (those that are - embedded in the actual HTML or JS page content, see filter{content-cookies}), in an SSL transaction - will be impossible to block under these conditions. Fortunately, - this does not seem to be a very common scenario since most cookies - come by traditional means. -
-- On Unix-like systems, Privoxy can - run as a non-privileged user, which is how we recommend it be run. - Also, by default Privoxy listens - to requests from "localhost" only. -
-- The server aspect of Privoxy is - not itself directly exposed to the Internet in this configuration. - If you want to have Privoxy serve - as a LAN proxy, this will have to be opened up to allow for LAN - requests. In this case, we'd recommend you specify only the LAN - gateway address, e.g. 192.168.1.1, in the main Privoxy configuration file and check all access control and security options. All LAN hosts can - then use this as their proxy address in the browser proxy - configuration, but Privoxy will - not listen on any external interfaces. ACLs can be defined in - addition, and using a firewall is always good too. Better safe than - sorry. -
-- Privoxy doesn't have a transparent - proxy mode, but you can toggle off blocking and content filtering. -
-- The easiest way to do that is to point your browser to the remote - toggle URL: http://config.privoxy.org/toggle. -
-- See the Bookmarklets section of the User - Manual for an easy way to access this feature. Note that this - is a feature that may need to be enabled in the main config file. -
-- No, this just means all optional filtering and actions are - disabled. Privoxy is still acting - as a proxy, but just doing less of the things that Privoxy would normally be expected to do. It - is still a "middle-man" in the - interaction between your browser and web sites. See below to bypass - the proxy. -
-- Bypassing a proxy, or proxying based on arbitrary criteria, is - purely a browser configuration issue, not a Privoxy issue. Modern browsers typically do - have settings for not proxying certain sites. Check your browser's - help files. -
-- A "crunch" simply means Privoxy intercepted something, nothing more. Often this is - indeed ads or banners, but Privoxy - uses the same mechanism for trapping requests for its own internal - pages. For instance, a request for Privoxy's configuration page at: http://config.privoxy.org, is intercepted (i.e. it does - not go out to the 'net), and the familiar CGI configuration is - returned to the browser, and the log consequently will show a "crunch". -
-- Since version 3.0.7, Privoxy will also log the crunch reason. If - you are using an older version you might want to upgrade. -
-- From the webserver's perspective, there is no difference between - viewing a document (i.e. a page), and downloading a file. The same - is true of Privoxy. If there is a - match for a block pattern, it will still be blocked, and of - course this is obvious. -
-- Filtering is potentially more of a concern since the results are - not always so obvious, and the effects of filtering are there - whether the file is simply viewed, or downloaded. And potentially - whether the content is some obnoxious advertisement, or Mr. Jimmy's - latest/greatest source code jewel. Of course, one of these - presumably is "bad" content that we - don't want, and the other is "good" - content that we do want. Privoxy - is blind to the differences, and can only distinguish "good from bad" by the configuration parameters - we give it. -
-- Privoxy knows the differences in - files according to the "Content Type" as - reported by the webserver. If this is reported accurately (e.g. - "application/zip" for a zip archive), - then Privoxy knows to ignore these - where appropriate. Privoxy - potentially can filter HTML as well as plain text documents, - subject to configuration parameters of course. Also, documents that - are of an unknown type (generally assumed to be "text/plain") can be filtered, as will those that - might be incorrectly reported by the webserver. If such a file is a - downloaded file that is intended to be saved to disk, then any - content that might have been altered by filtering, will be saved - too, for these (probably rare) cases. -
-- Note that versions later than 3.0.2 do NOT filter document types - reported as "text/plain". Prior to this, - Privoxy did filter this document - type. -
-- In short, filtering is "ON" if a) the - content type as reported by the webserver is appropriate and b) the - configuration allows it (or at least does not disallow it). That's - it. There is no magic cookie anywhere to say this is "good" and this is "bad". - It's the configuration that lets it all happen or not. -
-- If you download text files, you probably do not want these to be - filtered, particularly if the content is source code, or other - critical content. Source code sometimes might be mistaken for - Javascript (i.e. the kind that might open a pop-up window). It is - recommended to turn off filtering for download sites (particularly - if the content may be plain text files and you are using version - 3.0.2 or earlier) in your user.action - file. And also, for any site or page where making any changes at all to the - content is to be avoided. -
-- Privoxy does not do FTP at all, - only HTTP and HTTPS (SSL) protocols. -
-- Please read above. -
-- One time-tested technique to defeat common ads is to trick the - local DNS system by giving a phony IP address for the ad generator - in the local HOSTS file, typically using - 127.0.0.1, aka localhost. This effectively blocks the ad. -
-- There is no reason to use this technique in conjunction with Privoxy. Privoxy does essentially the same thing, much - more elegantly and with much more flexibility. A large HOSTS file, in fact, not only duplicates effort, - but may get in the way and seriously slow down your system. It is - recommended to remove such entries from your HOSTS file. If you think your hosts list is - neglected by Privoxy's - configuration, consider adding your list to your user.action file: -
--
-
-
- { +block }
- www.ad.example1.com
- ad.example2.com
- ads.galore.example.com
- etc.example.com
-
- |
+ http://config.privoxy.org/, the web-based user + interface. Privoxy must be + running for this to work. Shortcut: http://p.p/ |
- Other references and sites of interest to Privoxy users: -
--
-| - https://www.privoxy.org/, the Privoxy Home page. - | -
| - https://www.privoxy.org/faq/, the Privoxy FAQ. - | -
| - https://www.privoxy.org/developer-manual/, the - Privoxy developer manual. - | -
| - https://sourceforge.net/projects/ijbswa/, the - Project Page for Privoxy on - SourceForge. - | -
| - http://config.privoxy.org/, the web-based user - interface. Privoxy must be - running for this to work. Shortcut: http://p.p/ - | -
| - https://sourceforge.net/tracker/?group_id=11118&atid=460288, - to submit "misses" and other - configuration related suggestions to the developers. - | -
| - http://www.squid-cache.org/, a popular caching - proxy, which is often used together with Privoxy. - | -
| - http://www.pps.univ-paris-diderot.fr/~jch/software/polipo/, - Polipo is a caching proxy - with advanced features like pipelining, multiplexing and - caching of partial instances. In many setups it can be used - as Squid replacement. - | -
| - https://www.torproject.org/, Tor can help anonymize web browsing, web - publishing, instant messaging, IRC, SSH, and other - applications. - | -
- We're not. The text substitutions that you are seeing are disabled - in the default configuration as shipped. You have either manually - activated the "fun" filter which is clearly labeled "Text replacements for subversive browsing - fun!" or you are using an older Privoxy version and have - implicitly activated it by choosing the "Advanced" profile in the web-based editor. Please - upgrade. -
-- Privoxy generates HTML in both its own "templates", and possibly whenever there are text - substitutions via a Privoxy - filter. While this should always conform to the HTML 4.01 - specifications, it has not been validated against this or any other - standard. -
-- We didn't. We make Privoxy available for download, but we don't go - around installing it on other people's systems behind their back. - If you discover Privoxy running on your system and are sure you - didn't install it yourself, somebody else did. You may not even be - running the real Privoxy, but maybe something else that only - pretends to be Privoxy, or maybe something that is based on the - real Privoxy, but has been modified. -
-- Lately there have been reports of problems with some kind of - "parental control" software based on Privoxy that came preinstalled - on certain ASUS Netbooks. The problems described are - inconsistent with the behaviour of official Privoxy versions, which - suggests that the preinstalled software may contain vendor - modifications that we don't know about and thus can't debug. -
-- Privoxy's license allows vendor - modifications, but the vendor has to comply with the license, which - involves informing the user about the changes and to make the - changes available under the same license as Privoxy itself. -
-- If you are having trouble with a modified Privoxy version, please - try to talk to whoever made the modifications before reporting the - problem to us. Please also try to convince whoever made the - modifications to talk to us. If you think somebody gave you a - modified Privoxy version without complying to the license, please - let us know. -
-| - Prev - | -- Home - | -- Next - | -
| - Configuration - | -- - | -- Troubleshooting - | -
| https://sourceforge.net/tracker/?group_id=11118&atid=460288, + to submit "misses" and other + configuration related suggestions to the developers. | +
| http://www.squid-cache.org/, a popular caching proxy, + which is often used together with Privoxy. | +
| http://www.pps.univ-paris-diderot.fr/~jch/software/polipo/, + Polipo is a caching proxy with + advanced features like pipelining, multiplexing and caching of + partial instances. In many setups it can be used as Squid replacement. | +
| https://www.torproject.org/, Tor can help anonymize web browsing, web + publishing, instant messaging, IRC, SSH, and other + applications. | +
We're not. The text substitutions that you are seeing are disabled + in the default configuration as shipped. You have either manually + activated the "fun" + filter which is clearly labeled "Text replacements + for subversive browsing fun!" or you are using an older Privoxy + version and have implicitly activated it by choosing the "Advanced" profile in the web-based editor. Please + upgrade.
+Privoxy generates HTML in both its own "templates", and possibly whenever there are text + substitutions via a Privoxy filter. + While this should always conform to the HTML 4.01 specifications, it + has not been validated against this or any other standard.
+We didn't. We make Privoxy available for download, but we don't go + around installing it on other people's systems behind their back. If + you discover Privoxy running on your system and are sure you didn't + install it yourself, somebody else did. You may not even be running the + real Privoxy, but maybe something else that only pretends to be + Privoxy, or maybe something that is based on the real Privoxy, but has + been modified.
+Lately there have been reports of problems with some kind of + "parental control" software based on Privoxy that came preinstalled on + certain ASUS Netbooks. The problems described are inconsistent with + the behaviour of official Privoxy versions, which suggests that the + preinstalled software may contain vendor modifications that we don't + know about and thus can't debug.
+Privoxy's license allows vendor + modifications, but the vendor has to comply with the license, which + involves informing the user about the changes and to make the changes + available under the same license as Privoxy itself.
+If you are having trouble with a modified Privoxy version, please + try to talk to whoever made the modifications before reporting the + problem to us. Please also try to convince whoever made the + modifications to talk to us. If you think somebody gave you a modified + Privoxy version without complying to the license, please let us + know.