The easiest and most secure authentication method is IP Authentication. To use it:
- On your dashboard, choose Add an IP or Hostname link to add address(es) you wish to use.
- Fill and submit the form. Any IP address you add will be able to access the ProxyMesh proxy without a Proxy-Authorization header. If you have a dynamic, frequently changing IP, then you may want to use domain authentication with a dynamic DNS service.
After you add an IP to your account, it will take a few minutes to automatically be authorized at the servers.
To avoid a temporary break of four hours, please be sure to wait until the IP has been authorized at the servers before you make requests from that IP.
That's it! Now any requests you make to a proxy server from the IPs that you've added will successfully authenticate.
- There is no limit on authenticated IPs. Although your dashboard form has room for only a few entries, once you submit an entry you can fill in the form again to add more.
- You cannot add a proxy's IP to your authorized IP list on the dashboard. The authorized IP list is for your IP addresses.
- IPs for sub-accounts are authenticated by the same methods, via dashboard or API, as a primary account. Also see Creating Sub-Accounts from Your Dashboard.
If for any reason IP authentication fails, it could be that your IP has changed. You can update your IPs again from your account dashboard. However, if your access is temporarily blocked because of too many
407 errors (indicating incorrect authentication), be aware that an IP update performed during a ban does not immediately lift the ban. You will need to wait until the ban expires, typically after 4 hours.
Please see our blog article Are Your IP Addresses Clean?
IP Authentication for Multiple Accounts
You can have multiple ProxyMesh accounts, but the system does not allow the same IP to be authenticated for multiple accounts. An attempt to do so will trigger a message that the IP is already in the system.
An authenticated IP becomes a primary key in the ProxyMesh database and is not unique to a single account. With multiple accounts authorizing the same IP, a proxy server could not determine which account was making a request.
If you have a dynamic, frequently changing IP, then you may want to use domain authentication with a dynamic DNS service such as No-IP. Once you have dynamic DNS setup, you can add your domain on the same page where you add IP addresses. Domains are resolved every 10 minutes, causing a potential lag between the DNS IP change, and ProxyMesh's receipt of the update, but this method can work well for you.
The typical HTTP proxy authentication method is with the
Proxy-Authorization header using the Basic access authentication method. Most HTTP client libraries support this authentication method. But if you need to create the header yourself, the steps are
- Base64 encode your username:password
- Send a header that looks like
Proxy-Authorization: Basic base64-encoded-username:password
The username/password is the same one that you use to sign into your account.
Although Python Requests supports username:password authentication with HTTPS URLs, most other libraries do not. The reason is that the
Proxy-Authorization header must be sent with the initial
CONNECT method, instead of with the rest of the request headers. Otherwise there is no way for the proxy server to read the header.
For HTTPS requests, IP authentication is the most reliable method. For additional details, please see Proxy Server Requests over HTTPS.