Secure Your Glype Proxy Installation

Recently there's an article about the insecurities of Glype proxy at Techworld and this site that shows why one should not use a public proxy. Because not only your data might be seen by the proxy owner, but if that perticular owner does not know how to secure his/her proxy, other people might also see the information of those people using his/her proxy.

So I feel like I need to inform you as an web-based proxy owner AND user, who probably stumbled to my site looking for instructions on how to create proxies, that when you do install a proxy;

  • use put a .htaccess file on your root directory, to limit the usage to trusted IP address e.g.

  • order deny,allow
    deny from all
    allow from x.x.x.x

  • logging is not enabled by default so you don't have to worry about people looking at your proxy logs
  • if you do feel there is a need to enable it, make sure that read filesystem permission for the file and folder is not given to other or world

That's about it.

And by the way I do believe that although TOR might provide you with the illusion of anonymity, is not, by any means more secure compared to web proxies because one can establish their own TOR routers and as an exit node it is able to intercept usernames and passwords.