What information do you need right now? Click on applicable links below.
|Account Security||Two-Factor Authentication|
|Password Management||Billing Information & Payment Security|
|Proxy Security||HTTPS CONNECT Method|
|Open Proxy – security caution|| World Proxy - security
ProxyMesh uses security measures on all levels of the system to protect your data. Our security tools include encryption, firewalls, and access controls. In this way, every transaction, signup, and login is checked as to its potential for fraud. If they appear too risky, they are blocked.
User IP addresses can be blocked for too many failed logins, too many declined transactions, or other behavior that looks like fraud or cyberattack. On individual proxies, users can be blocked for too many failed login attempts.
We store information you provide to us on a computer system located in a controlled facility with limited access. Employees view your data only on a need-to-know basis.
ProxyMesh respects your privacy, and we are committed to maintaining the privacy and confidentiality of personal data we collect.
We protect the entire website with Sucuri, a website application firewall (WAF). A web application consists of three layers: view, business logic, and data. Cyberattacks generally target specific layers of a web app. Sucuri protects against threats by analyzing and monitoring traffic between each layer and the Internet.
In addition, we use Fail2ban with iptables to block unauthorized access attempts on the proxy servers. The Fail2ban daemon scans log files and blocks any IP address with too many failures to authenticate correctly, indicating a possible automated attack.
When an attempted compromise is located using the defined parameters, Fail2ban adds a new rule to iptables – a firewall program for Linux – to block the IP address of the attacker, temporarily or permanently.
Login and account pages can only be accessed over HTTPS. Eavesdroppers are prevented from extracting your password, and your data is always protected in transit.
We offer the option of two-factor authentication (2FA). When you enable 2FA, logging in to your account requires a secondary code from an app or mobile device.
When you've entered your password, you receive a one-time-only passcode via text to complete your login. The additional security of 2FA protects access to your account even if someone succeeds in getting your password.
Several applications are available to help you manage 2FA tokens. We recommend you try Authy, designed to make it easy and straightforward for to use with even a strong Two-Factor authentication.
1Password offers apps and 2FA for a range of devices, and it's usable with the major browsers and operating systems.
Please see our blog, Using Password Managers for Security without Frustration.
All passwords are salted and hashed using a secure hashing algorithm, so that your password cannot be read by anyone else. These measures provide a strong defense against brute-force attacks and ensures that no ProxyMesh employee can read your password.
Brute-Force Login Protection
Both for the website and for the proxy servers, if someone tries to log into your account too many times in a row, failing each time, then their IP is automatically blocked for several hours.
Your IP will also be blocked temporarily if you try to connect to a proxy server too many times without authentication.
Billing Information & Payment Security
We do not store any of your billing information. Instead, it is safely secured by trusted 3rd party services. For credit or debit card billing, we use Stripe. For non credit/debit card billing, we support PayPal subscriptions.
Stripe employs Radar, an intelligent system for detecting and blocking fraud. Radar is designed for modern Internet business operations, using algorithms that adapt readily in response to shifting fraud patterns. It detects fraudsters without blocking legitimate customers in error.
Unlike an open proxy, the ProxyMesh proxies can only be accessed by authenticated users. For the highest level of security, we recommend IP authentication (described in Proxy Authentication) so that your account credentials are never transmitted over the network.
The higher level plans support sub-accounts, usable as an alternative to your main account. If you are using username:password authentication, then using a sub-account can be a way to protect your main account credentials.
Sub-accounts support the same security features as regular accounts:
- HTTPS account pages
- two-factor authentication option
- hashed passwords
Servers directly under control of the ProxyMesh system employ standard protocols to protect the security of data in transit.
ProxyMesh does not store request bodies, and only stores request logs to monitor the performance and functionality of the proxy servers, and to bill your account based on usage. These logs are kept for no longer than 30 days, and are only accessible by authorized support staff.
HTTPS CONNECT Method
Using the HTTP
CONNECT method, the servers can securely proxy HTTPS/SSL connections between you and an HTTPS server.
All communication between your client/browser and the secure site is encrypted; the proxy server's function is limited to moving the data back and forth, and does not even detect what method of request you are using. Most HTTP client libraries support the
CONNECT method for HTTPS requests over HTTP proxies.
Access to the ProxyMesh Open Proxy server is included free with every ProxyMesh account. Our proxy server can forward your requests to a list of known open proxies.
Be aware that, because ProxyMesh does not control the open proxies, someone running an open proxy could potentially "snoop" on your data.
Your Questions Answered
You'll find answers to many specific questions about ProxyMesh security in the Security FAQ.
Hackers have stepped up their use of certain types of cyberattacks in response to factors such as the rise of remote work, the continually increasing speed of computer processing, and the wide use of VPNs and RDPs. Please see our blog site, proxyserver.com, for articles to help you understand and guard against some common cyberthreats:
- Guard Against the Latest Cyberthreats
- Protecting Your Privacy While Browsing Online
- How to Stay Safe Online
- How to Avoid Phishing Email Scams
- Avoiding Man-in-the Middle Attacks
- Brute-Force Attacks - a Growing Cyberthreat
- How to Avoid Honeypot Traps
- Avoiding Azure Application Scams