Set Up a Lightweight HTTP Proxy with Tinyproxy
· One min read
Tinyproxy is a lightweight HTTP proxy suitable for small controlled environments. It is not a VPN and does not automatically encrypt traffic between the client and proxy.
An open proxy can be abused quickly, so restrict source IP addresses, listening interfaces, and firewall rules before exposing the service.
Optional test container
docker run -itd --name ubuntu-test -p 8888:8888 ubuntu:22.04
docker exec -it ubuntu-test bash
Install Tinyproxy
apt update
apt install tinyproxy -y
Create a configuration
Create /tmp/tinyproxy.conf:
Port 8888
Listen 0.0.0.0
Timeout 600
BindSame yes
MaxClients 1024
DisableViaHeader Yes
# Replace with trusted client networks.
Allow 192.168.1.0/24
Do not leave Allow 0.0.0.0/0 enabled on a public server.
Start the service
tinyproxy -d -c /tmp/tinyproxy.conf
For long-running deployments, use the distribution service unit and store configuration under /etc/tinyproxy/.
Verify the proxy
export PROXY_IP=203.0.113.10
curl --proxy "http://$PROXY_IP:8888" https://httpbin.org/ip
The response should show the proxy server's public address. If it fails, inspect the Tinyproxy log, firewall, cloud security group, Allow rules, and whether the proxy can resolve DNS and reach the destination.