CGIProxy 2.1 Beta 6
What is CGIProxy?
CGIProxy is a basic proxy
which you can use to visit other web sites or download from FTP sites using your
web browser. You would do this by going to the URL of the installed CGIProxy
Script and then typing in the web site you wish to visit in the box on the
CGIProxy page. Using this proxy has it's advantages, being that it will then
find servers that can connect to servers that you might not be able to without it.
There is also some possibility of anonymous web browsing with this script, and
even some possible VPN (Virtual Private Network) uses. The proxy is usually
transparent, in that it is possible to view web sites without even knowing it's
there. Normally there is a box at the top of the visited page which allows you
to control some of the settings in the proxy, but this box can also be turned off.
The proxy does make pages load slower than normal, but for the added protection
of some ad, pop-up, and cookie blocking features, ability to limit servers to
visit, ability to ban servers, etc., the short delay is worth it.
IMPORTANT - BEFORE YOU INSTALL AND USE THIS SCRIPT!
You may not run any CGI Proxy scripts on your domain unless you
ensure that only you, the domain owner has access to this script!
will take any domain offline that allows Proxy scripts to run without proper
security measures including ensuring that only the domain owner can access and
run the script. To ensure this, please see our FAQ
How To Password Protect A CGI Directory
to password protect the directory you place the script in. Never let your site
visitors or anyone else use this script!
As with any other content you put on your comain, this script is not
be used to download or otherwise obtain illegal files of any kind.
To use CGIProxy, you need to be sure your CGI account is set up. Please
see How To Request A CGI Account
for more information. You will also need to
download a copy of CGIProxy.
The version used in this tutorial was 2.1 Beta 6. Note that you will also need
to use a program that will extract tar & gzipped archives. For
Linux users, these programs are built in. Windows users can use
that the online installation utility at
does not work with our servers. You'll have to manually install and set
up this script (which is quite easy to do).
IMPORTANT SECURITY NOTE!|
Always be sure you have
installed the latest updates and/or patches for the script as well as for any
additional add-ons. Updates are very important to the security and proper
functioning of the script! Our instructions may be for earlier versions of
scripts due to the fact that we are not able to keep up with updates to every
script at all times. It is still up to the domain owner to install and use the
latest version of these scripts.
Remember that only your main account can access CGI scripts on your server. Any
hosting or extra FTP accounts that access these scripts may cause your account
to be deactivated and you'll have to contact
CGIProxy can work correctly even inside your cgi-bin directory, or in another
directory if you choose. It is recommended that this script be placed in your
cgi-bin directory unless you decide to limit access to the script using a
directory password protection script. If that is
the case, please create a separate directory for the CGIProxy, set up the script,
then set up the directory password protection script.
NOTE: Advanced features of this script are not for
anyone who is not familiar with the Perl scripting lanugage. While this
script can theoretically be installed very easily with no knowledge of programming,
if you want to take advantage of some of CGIProxy's more advanced features, a
knowledge of Perl, at the very least, is required.
Configuration & Installation:
Editing And Configuring CGIProxy (Optional, but please read.)
After downloading and extracting the files to your hard drive, open the
nph-proxy.cgi file in a text editor. Please be sure it's a normal text
editor and not a word processor. Examples of plain text editors in
Windows are EditPlus (which is recommended)
and Windows Notepad. In this tutorial, we refer to line numbers frequently, which
are an option that can be set in EditPlus. However, some versions of Windows
Notepad may not give any indication of line numbers, so you'll need to go by
the text that is described, or find a text editor that supports showing what line
you have the cursor on. In the Windows XP version of Windows Notepad, you can
go to the View menu and click on the Show Status Bar. You'll see
in the lower right 'Ln x, Col x' (where x will be a number). The 'Ln' number is
the line number.
The file may look complicated, but there is really not much you need to change.
You could actually upload it as-is and have it work. Please keep in mind if you
are setting up any advanced features that we do not support SSL on your
CGI server, so do not set up SSL (ie. https:// access) in CGIProxy.
The user configuration area of CGIProxy is between lines 235 - 1126. There are
many options which you can read the information in the file to see if you want
to enable a particular option or not.
Allowing and Banning Servers
Genearlly, the only options you may wish to change are the allowing and
banning access to different servers on line 499. Reading the instructions will
give you an idea how to do this. Note the following examples for more information
(@BANNED_SERVERS works the same way, but instead prevents access to the servers
@ALLOWED_SERVERS= ('^www\.yourdomain\.com$') ;
This allows only access to your http://www.yourdomain.com/ site and no other.
@ALLOWED_SERVERS= ('\.yourdomain\.com$') ;
Allows access to http://cgi.yourdomain.com/ and http://www.yourdomain.com/ but
@ALLOWED_SERVERS= ('\.yourdomain\.com$', '^yourdomain\.com$') ;
Allows access to http://cgi.yourdomain.com/, http://www.yourdomain.com/ and
also http://yourdomain.com/ (which is the 2nd item in the list).
Two things of note here. First off, you can have as many servers as you want in
the list to ban or allow. They can be your own domain or other sites, or any
combination. It's often preferable to do this if you're not password protecting
the directory which has the CGIProxy server, so that others surfing the web can
not abuse your script.
The second thing you'll notice is how the domains are listed. Instead of just
www.yourdomain.com, you'll see there are symbols intermixed in with the domain
name. Basically, each list starts with a caret (^) (unless it's going to be
a wildcard domain), then any dot in the domain name is preceeded by a
backslash as in \. for example. The last character is always a dollar
sign ($). If using a Wildcard Domain, then the first characters should
be the \. instead of a ^ as in \.yourdomain\.com$ as mentioned above. Each domain
is enclosed in single quotes and not quotation marks. Each domain is also separated
by a comma.
Preventing Looping Of Proxy Script
To prevent a common problem of someone accessing the proxy script via the proxy
script (also known as looping), you will want to set the $NO_BROWSE_THROUGH_SELF
option in like 977 to 1.
Installing The Script
Once you are done setting up the options and have saved the changes, log into
your CGI server and upload the nph-proxy.cgi script file to the directory
of your choice (do not, however, upload it to your logs directory
as that is reserved for server use). You may upload it to your cgi-bin
directory if you wish, if you are not planning to
password protect the script directory.
Remember to set the file permission to 755.
Using the Proxy
Go to your proxy in your web browser. For example, if you uploaded the script to
your cgi-bin directory, you would browse to
http://cgi.yourdomain.com/cgi-bin/nph-proxy.cgi (replace yourdomain.com
with your actual domain name). You'll see a screen with some options and a
text box and button. Type in the web address you wish to visit through the
proxy and select the options you'd like active while visiting the page, then
press the Begin browsing button.
Here is an overview of the options:
Remove all cookies (except certain proxy cookies): Let's you surf and
eliminate any cookies you may aquire during your visit to the page.
Remove all scripts (recommended for anonymity): This will render any
some web sites depend on scripts for content and/or navigation. If you're not
sure on this, best to leave it on. Also setting your browser to not use
some web sites.
Remove ads: This will help remove pop-up advertisements that sometimes
occur when browsing a web site.
Hide referrer information: This will hide where you were before you
arrived at the web site. This may render any 'previous page' or 'back' links on
some web pages unusable. You can always use the back button on your
browser, however, and it's probably best to do just that.
Show URL entry form: This will let you see a box with these same options
on the top of the page you visit, in case you'd like to try visiting another
page, or even the same page with different options. Or, you can leave this unchecked
to visit the page keeping CGIProxy transparent (as in you genearlly won't know
Manage cookies: Here you can see a list of cookies you have aquired via
CGIProxy and can opt to delete them all or only certain ones.
Restart: (Shown in the lower right of the script page.) This will let you
restart the script so that you can enter all new information.
Browsing using CGIPRoxy
As mentioned, if you set the Show URL entry form before browsing to the
page, you'll see a box at the top of the page which gives you the following
Location via proxy: Type in another page URL here to visit then press
the Go button.
Manage cookies: This lets you see and even delete cookies that may have
been picked up while visiting the site.
No cookies: Browse a web site and not allow cookies (note that it may be
best to set this from your web browser settings, but if your browser doesn't have
such settings you can set it here.
found on web pages. Again, if your browser has a setting for this, try to use
your web browser settings instead. However, this setting may also help you stay
anonymous, which many web browsers can't do.
No ads: Helps block pop-up ads and other annoying advertisements.
No referrer: Will block sending information about the last page you
Show this form: Allows you to see (or if unchecked, not see) the CGIProxy
box at the top of the page.
There are many other settings you can change in the nph-proxy.cgi file.
Below are a few of them that you might find interesting. Please read through the
User configuration area between lines 235 and 1126 in the nph-proxy.cgi
file for more information and also the
CGIProxy web site may be
of some interest.
$TEXT_ONLY= 0 ; (line 242): Set this to 1 if you want to browse the web
in a text only mode, meaning not allowing the viewing of any images, etc.
Note that you'll want to set
$RETURN_EMPTY_GIF= 1 ; as well so that
any GIF images will be replaced with a 1 pixel by 1 pixel transparent GIF image.
This is actually usually set to 1 by default but keep this in mind if you decide
to change the settings.
@ALLOWED_SERVERS= () ; and @BANNED_SERVERS= () ; (lines 499 and 500: See
above installation instructions on how to use these two settings. These let you
ban or allow only certain servers to be accessed through CGIProxy.
@BANNED_NETWORKS= ('127.0.0.1', '192.168', '172', '10', '169.254', '244.0.0') ; (line 532):
This is a list of IP addresses to networks which you do not want to access
through the CGIProxy. Note that if you're using this behind a firewall then it's
strongly recommended that this have some IP addresses set. In fact, some are
set by default and you shouldn't need to change them unless you wish to add other
IP addresses to the list.
@BANNED_COOKIE_SERVERS= () (line 549): You can add to this list of servers
that like to place cookies on your hard drive. A list is already given by default
and contains known advertising servers. If you find others you'd like to add,
you can add them here.
$NO_COOKIE_WITH_IMAGE= 1 ; (line 568) This will restrict all cookies to
text-only. Any cookie that wishes to return an image as well, will not be allowed
@ALLOWED_SCRIPT_SERVERS= () ; and @BANNED_SCRIPT_SERVERS= () ; (lines 578 and 579):
These are servers which run scripts (such as cgi.yourdomain.com can also be
considered a 'script server' for instance). You can add servers in the same way
you do for the @ALLOWED_SERVERS and @BANNED_SERVERS.
@BANNED_IMAGE_URL_PATTERNS= (); (line 597): This is a useful setting where
you can add URLs where some advertisements come from. Some are already listed by
default, but if you find an ad you're offended by or don't want to see, you can
add it's URL here. To get that URL you may have to view the source code in your
browser to find the URL or right click on the ad and choose "Copy Location" or
$RETURN_EMPTY_GIF= 1 ; (line 632): As mentioned above, this will replace
any GIF image with a 1 pixel by 1 pixel transparent GIF.
$RUNNING_ON_SSL_SERVER= '' ; (line 740): Please do not set this!
This should be set as blank as shown here. This is because we do not have SSL
support for CGI servers at this time.
$MINIMIZE_CACHING= 0 ; (line 843): If set to 1, this may (no
guarantees) prevent pages you visit from being stored in your browser cache or
downloaded to your computer. This might help if you're surfing the web
through a computer in a cybercafe or similar public computer system. You may also
be able to set this in your web browser if you are on your work or home computer.
$SESSION_COOKIES_ONLY= 0 ; (line 862): This is useful if you're surfing
the internet from a public computer. If set to 1, all cookies you recieve will
be expired as soon as the browser session ended, so that they will not be
remembered by the browser.
$USE_PASSIVE_FTP_MODE= 1 ; (line 904): By default this is set on and will
work in most situations. But if you are having problems with connecting and/or
using FTP via your web browser through CGIProxy, you may want to change this
value to 0.
$SHOW_FTP_WELCOME= 1 ; (line 913): This is useful when you want to watch
the connection to the FTP server, in case you are having problems. This is set
on by default.
$ENCODE_URL_INPUT= 0 ; (line 960): Setting this to 1 will help keep your
visit more anonymous when you type in a URL to visit through CGIProxy.
$REMOVE_TITLES= 0 ; (line 967): If you're browsing a public system or any
system that incorporates censoring software, some of these software programs may
determine whether or not to block your access by looking at the web page title.
Setting this to 1 may let you view the site anyway.
$NO_BROWSE_THROUGH_SELF= 0 ; (line 977) This should normally be set to 1
though at default it's set to 0. This will stop people from looping which would
be done by entering the URL to CGIProxy itself. If this happens then setting this
to 1 will help stop the looping in some instances.
$NO_LINK_TO_START= 0 ; (line 983): This may stop search engines from
finding the start page (ie. The nph-proxy.cgi page) so that other people would
not be able to use your proxy (or potentially abuse it).
Lines 1046 - 1126: These last lines include places to add more mime types
and non-text file extensions.
NOTE: That these are just some of the features. There are others
not mentioned here which you can read more about in the nph-proxy.cgi
file for more information and to determine how to set them up.
I get a blank page when I go to my nph-proxy.cgi page.
This is common if you have forgotten to set the file's permission to 755 when
you uploaded it. It can also be because you did not have a setting right or there
is a syntax error in one of the settings you changed. Common mistakes include
not using single quotes around URLs, or not following the proper syntax in the
@ALLOWED_SERVERS and similiar settings. If setting the file permissions did not
correct the problem, go back over the changes you made to the file and correct
any mistakes, reupload the file and reset the file permissions to 755 in
necessary, then try again.
Features of the CGIProxy either don't work at all or not as expected.
Be sure you have the settings correct. Some settings may depend on others to
be set as well. Read the comments carefully in the file before the settings to
be sure you have all relevent options set correctly.
If you have any problems or questions please consult the
CBIProxy web site.
Active Web Hosting may not be able to provide support for this program or it's