What proxy servers are and how they differ from VPNs
Posted on August 20, 2018 By Dennis
A proxy server can be used to mask your IP address and spoof your location. This means that, like a VPN, it can be used to bypass geo-restrictions and firewalls. However, unlike a VPN, most proxy servers do not encrypt your internet traffic, leaving you vulnerable to monitoring by ISPs, government agencies, and hackers.
Proxy servers do have some advantages, so they may be preferable in certain situations. In this post, we’ll take a closer look at the similarities and differences between proxy servers and VPNs, so you can make a more informed decision.
Note: If you are thinking of signing up with a VPN service I suggest you first read my article on the problems with so called best VPNs.
What proxy servers are
When you enter a URL or click a link to a website, your ISP submits a request and connects you with that website. To do this, it must reveal your IP address.
When you use a proxy, you connect to an intermediary server, which is essentially just a separate internet-connected computer. Your traffic passes through this server on its way to its final destination (the website you want to visit). This means that your online requests are rerouted and your real IP address is masked in the process.
Proxy servers are most often used to mask the user’s real location. This is useful in accessing sites that block content by end user location. These include TV and movie streaming services, sports streaming services, gaming sites, and online gambling services. Although, many sites are cracking down on the use of proxies, so proxy errors like this one are common:
A proxy can Also enable you to bypass firewalls, such as those imposed by offices, schools, and libraries. Firewalls are often in place to restrict access to sites like Facebook, Amazon, and YouTube. Some proxies can even bypass government firewalls, such as China’s “Great Firewall.”
The main difference between proxy servers and VPNs: Encryption
The major difference between proxy servers and VPNs is encryption. A VPN will encrypt all internet traffic running through every application on the device it’s installed on. This includes web browsers, gaming apps, media players, torrenting platforms, and whatever else is connected to internet.
On the other hand, proxies generally only reroute traffic, and most don’t use encryption at all. This means that user activity is exposed to snoopers and connections are vulnerable to Man-In-The-Middle (MITM) attacks. What’s more, proxies often don’t authenticate their clients, so anyone can connect. That makes them even more vulnerable to MITM attacks.
If you’re not concerned about security, one benefit to not having any encryption is that your device doesn’t need to encrypt or decrypt internet traffic, which can cause slowdowns especially on underpowered devices. Most top-rated VPNs don’t slow things down too much, but there could be a noticeable difference. Because proxy servers don’t encrypt traffic, you won’t have this issue.
Types of proxy servers
While there is really just one type of VPN, proxy servers are different in that there are several different types. Here are the categories you may come across:
While many proxies are app-specific, a DNS proxy is typically used to cover all of the internet-connected apps your devices is using. It is configured in your internet settings rather than an added app or extension. DNS proxies are often referred to as Smart DNS, and you’ll see them competing with VPNs to help users unblock geo-restricted content.
DNS proxies don’t always re-route your connection, only when you’re accessing a website that uses your location data. So if a site is the same no matter where you’re located, the proxy won’t kick in. But for a site like Netflix, which delivers different content depending on your location, the proxy will re-route your connection.
DNS, or Domain Name System, works a bit like a phone book for the internet that matches up web domains like “privacy.net” with the IP addresses of servers where sites are hosted. Smart DNS changes the IP address for sites like Netflix to that of a proxy server, so when you type in “netflix.com”, your DNS request routes your connection through a proxy server instead of going directly to Netflix.
This is the type of proxy you’re probably most used to seeing. A typical use case for an HTTP proxy is to bypass office or school firewalls to access blocked content such as social media platforms and ecommerce sites. Usually, these proxies are used within a web browser, and can be downloaded as an extension. While you may get excellent speeds with a HTTP proxy, there’s no encryption.
SOCKS proxies are similar to HTTP proxies, but can usually be set up within individual apps and will cover more than just web browsers. Again, there’s no encryption, but these can be good for selective funneling of traffic for apps where privacy is not a concern.
You may have heard of SOCKS5 being a more secure version of SOCKS. This type of proxy adds a level of security in that only authorized users can access the server. However, information going to and from the server still isn’t encrypted by default, so it’s nowhere near as secure as a VPN.
HTTPS proxies are different to the other types because they do encrypt your traffic so offer some security. These are usually used for web browsers, similar to HTTP proxies so, unlike a VPN, they won’t encrypt traffic for every app on your device.
As mentioned earlier, proxies typically don’t require authentication, and most HTTPS proxies are no different. Users usually aren’t required to create an account or enter a password, leaving them vulnerable to MITM attacks.
One more thing to note is that, because your traffic is decrypted at the server, unless you’re using a HTTPS website, your provider can see your information. As such, if you’re concerned about privacy — which you probably are if you’re using an HTTPS proxy — then you should definitely trust your provider.
These proxies are a good option for securing browser traffic and are better than other proxies for accessing blocked sites that require more security. But they don’t substitute a VPN which encrypts all of your traffic across your device and requires authentication.
What about VPN browser extensions?
When you sign up to a VPN provider, you’ll typically be offered downloads for a range of native apps. These usually cover various operating systems such as Windows, MacOS, iOS and Android.
These are full VPN apps and encrypt all of the traffic going to and from that device. Note that some VPNs have split tunneling features which let you choose which apps use the VPN connection, but with most providers, you can assume there’ll be blanket coverage of all internet traffic.
Alongside these apps, you’ll notice some VPN providers offer extensions for a variety of browsers including Chrome, Firefox, and Opera.
Although these are often dubbed “VPN browser extensions,” in most cases, they don’t work like VPNs at all. These are usually HTTPS proxies rather than VPNs and only encrypt traffic for your browser, not your entire device. What’s more, they usually can’t protect against DNS, IPv6, and WebRTC leaks, any of which can expose your real IP address. One notable exception is NordVPN; its browser extensions protect against DNS and WebRTC leaks.
Free and paid VPNs and proxies
Both proxies and VPNs have free and paid options available. However, you should be wary of free options for either. Free services usually have questionable privacy policies and providers could be monitoring and logging your every move. They may sell this data to third parties or use it to serve you ads.
Aside from better privacy, paid VPN and proxy services offer a broader selection of servers. Many free services will operate servers in a handful of countries, such as the US and the UK, as there tends to be more demand for content from these regions. In contrast, paid providers will have hundreds, even thousands of servers dotted across the globe. Plus, paid services tend to have fewer users and smaller loads on their servers, so you won’t have to suffer wait times to connect.
When it comes to unblocking sites like Netflix, BBC iPlayer, and Amazon Prime Video, there’s no outright answer as to whether a VPN or a proxy would be the best candidate for the job.
Many of these streaming services are seriously cracking down on the use of all types of proxies (VPNs included) to access their content. VPN and proxy providers have to put a lot of resources into bypassing these geo-restriction measures and giving their users access to the content they want. But only the paid providers can afford to do this.
As such, whether you go for a VPN or a proxy server, you’ll need to consider a top-rated paid option to ensure you can unblock your favorite services. Not only that, you need to make sure your provider offers excellent customer service, so they can help you troubleshoot any issues that arise. Free VPN or proxy services will be ill-equipped to unblock your desired content or offer decent support.
Just to reiterate, a VPN will encrypt your traffic, but a proxy should give you slightly better speeds, assuming equal distance traveled and server congestion. Ultimately, for the best option for accessing streaming services, it will come down to whether or not you value privacy and security over speed.
Image credit: “Network Earth” by Gerd Altmann licensed under CC BY 2.0