Installing 3proxy

3proxy is a free and open source proxy server that is used for various purposes such as filtering traffic, caching and blocking specific websites. It supports various protocols such as SOCKS v4/v4a/v5, HTTP, HTTPS, FTP, POP3, SMTP, and supports authentication methods such as SOCKS5 username/password, NTLM, LDAP, Kerberos, and SSO.

The server is highly customizable, providing detailed management of bandwidth usage and connection parameters. 3proxy can be installed on Windows, Linux and macOS platforms. It is a lightweight and easy-to-use proxy server suitable for small and medium-sized networks. It is possible to rent a vps proxy.

Install 3proxy with http(s) and socks5-proxy support

It is necessary to be careful, as it is undesirable to install the server without authorization. This can lead to unauthorized use of the server by attackers to organize spamming and high traffic.

To begin with, you need to install several packages and dependencies.

For AlmaLinux the command:

yum -y install gcc wget tar

and for Debian:

apt install -y build-essential wget tar

Then download the files from the official site of the 3proxy project, unpack the archive and compile the downloaded files.

Next, create the necessary directories for configuration files and logs, transfer the 3proxy executable, and create a new user"proxyuser" and assign directory permissions to it. To create a new configuration file, run the command:

touch /etc/3proxy/3proxy.cfg

Assign permissions to the root user only with chmod 600 /etc/3proxy/3proxy.cfg.

After creating a new configuration file it is necessary to fill it correctly. To do this, write down the uid and gid of the user"proxyuser", then use a text editor to copy and paste the text from the example configuration file. Save the changes to the configuration file and we have an installed 3proxy with http(s) and socks5-proxy support.

Configuration file

Below is a sample configuration file:

Configuring the server to run from the proxyuser user

(insert the uid and gid of our user that we learned earlier).
setgid 991
setuid 991

Specify the correct nameservers. See /etc/resolv.conf:
nserver 8.8.8.8.8
nserver 8.8.4.4

Use default timeouts and cache size for DNS queries:
timeouts 1 5 30 60 180 180 1800 1800 15 60
nscache 65536

Specify the startup mode as daemon:
daemon

Specify the IP address of the external interface of the server:
external 111.111.111.111.111.111 (or ignore the line if the IP is the same).

Specify the IP address of the server 's internal interface:
internal 192.168.0.1 (or ignore it so that the proxy listens to all IPs).

Configure http proxy on standard port 3128:
proxy -p3128 -n -a (specify your own port, making sure it works beforehand).

Configure socks proxy on standard port 1080:
socks -p1080 (specify your port, checking that it works beforehand).

Specify path to logs, log format and rotation:
log /var/log/3proxy/3proxy/3proxy.log D
logformat "- +_L%t.%. %N.%p %E %U %C:%c %R:%r %O %I %h %T"
rotate 30

Next, create an initialization file for systemd and configure the correct permissions:

# touch /etc/systemd/system/3proxy.service
# chmod 664 /etc/systemd/system/3proxy.service

The following text should be inserted into this file:

[Unit] 
Description=3proxy Proxy Server 
After=network.target 
[Service] 
Type=simple 
ExecStart=/usr/bin/3proxy /etc/3proxy/3proxy.cfg 
ExecStop=/bin/kill `/usr/bin/pgrep proxyuser` 
RemainAfterExit=yes 
Restart=on-failure 
[Install] 
WantedBy=multi-user.target

Save and update the systemd configuration:

# systemctl daemon-reload

Start 3proxy and add it to the autoloader:

# systemctl start 3proxy
# systemctl enable 3proxy

Configuration is complete. You now have http-proxy on port 3128 and socks-proxy on port 1080.

Troubleshooting some problems

The first problem is that there is a chance that after you register a new domain, it will not be available to you because of domain name caching. To solve this problem, you should wait for DNS records to be updated or add the IP address of your server and the new domain to your hosts file. This will allow you to access the new domain until the DNS records are updated.

Problem two - if you use a proxy server with default ports, sooner or later the server may be detected. In order to solve this problem, it is recommended to change the ports.

For example, you can set port 7834 on http proxy and 7835 on Socks. However, such ports can also be detected, so you can configure the firewall to allow access to the server only from certain addresses, while the rest will be denied access. This solution is quite reliable, although not too flexible as you may not have access to a static IP address.

The third problem is that if you use a proxy server and keep logs of all connections, over time they can become quite voluminous and take up most of the free disk space. To avoid this problem, you should take care of log rotation or not keeping logs at all.

There are different methods of log rotation that allow you to keep only the last few log files and automatically delete older logs. Therefore, it is best to set up the log rotation process in advance to avoid disk overflow. This will help to save all data and avoid losing information when using a proxy server.

Simplified configuration of an anonymous http(s) proxy server on port 3128

users proxyuser:CL:password

daemon

log /var/log/3proxy/3proxy.log D

rotate 30

auth strong

proxy -n -a

setgid 65534

setuid 65534

It is also necessary to create a directory for logs and set permissions (we start the server with minimal rights of nobody in the system using setgid/setud directives):

mkdir /var/log/3proxy ; chown nobody /var/log/3proxy

Installing 3proxy in Docker

Let's consider installing 3proxy in Docker.

First of all, you will need to install some packages (and for recently installed Debian and Ubuntu OS, you may also need to update the apt package index with # apt update).

For AlmaLinux and CentOS:

# yum install docker docker-compose

For Ubuntu and Debian:

# apt install docker docker.io docker-compose

Download image:

# docker pull 3proxy/3proxy

By default, 3proxy uses a secure chroot environment in /usr/local/3proxy with uid 65535 and gid 65535, and expects the 3proxy configuration file to be placed in /usr/local/etc/3proxy. The paths in the configuration file should be specified relative to /usr/local/3proxy, i.e. it should be /logs instead of /usr/local/3proxy/logs. In chroot, permission for nserver is required.

To do this, create a directory and a 3proxy configuration file:

# mkdir -p /etc/dockerapp/3proxy
# touch /etc/dockerapp/3proxy/3poxy.conf

Next, use any convenient text editor to edit the created 3proxy .conf configuration file. To run 3proxy in Docker, the minimum configuration is sufficient:

nserver 8.8.8.8.8
socks -p3129

In order to add logging and user, you need to add to the 3proxy configuration file:

log /logs/3proxy.log 
auth strong 
users "proxyuser:CR:87beeef3f4ee4661ac1897eca216fc26"

Instead of "87beeef3f4ee4661ac1897eca216fc26" you need to specify the MD5 hash of the password for the proxyuser. You can find out the MD5 hash using online generators.

Let's start 3proxy using docker-compose. This will require creating a configuration file in .yml format:

# touch /etc/dockerapp/3proxy/docker-compose.yml

Insert the following text there using a text editor:

version: "2.1" 
services: 
  3proxysvc: 
image: 3proxy/3proxy:latest 
container_name: 3proxy 
volumes: 
   - /etc/dockerapp/3proxy/conf:/usr/local/3proxy/conf 
ports: 
   - 8080:3129 
restart: unless-stopped

Save. In this file we have specified the external port 8080. Now we can run it:

# docker-compose -f /etc/dockerapp/3proxy/docker-compose.yml up -d

We will get a response like this:

Creating network"3proxy_default" with the default driver
Creating 3proxy ... done

Test:

# docker ps

We get a response with the container ID, image, status, ports used, and name:

48cc0cd140cd 3proxy/3proxy:latest "/bin/3proxy /etc/3p..." 5