The post is under continious construction, last update: November, 2018.
If you have any suggestions or feedback, you are very welcome to contact me using github issues, or at

Setting up the WebServer with ForwardProxy

This post is mostly about the client, but I will provide a few links to server configuration tutorials.

 Server  Probing resistance  HTTP/2  Notes
Caddy  ✔*  ✔  RECOMMENDED. Configuration is extremely easy, see instruction from Caddy’s author Matt Holt in his blog post on Medium.
Apache2  ✕  ✕  See how to configure forward proxy on mod_proxy and http2 do not work together.
nghttp2  ✕  ✔  Could act as frontend to forwadproxy, say squid, see

* Probing resistance in Caddy Web Server is experimental

Ways to start using Secure Web Proxy on client side:

Google Chrome/Chromium

  1. Use extension, for example SwitchyOmega. This extension guides user through setup, and here’s mine for reference:

    SwitchyOmega Setup

    Then in upper-right corner you can switch between “Direct” connection and your proxy:

    SwitchyOmega Switch

  2. Alternatively, you can pass --proxy-server="" (substitute sfrolov.iofor to google-chrome. In Linux/MacOS you can call google-chrome --proxy-server="". In Windows/macOS you can right click on icon and set up passing aforementioned string as argument.


  1. Easiest option would be to use SwitchyOmega. Setup is same as for Google Chrome, just follow the instructions.

  2. There is also a way to configure secure web proxy without addons, but it is somewhat less convinient. Open Menu (upper right corner) → Preferences → General → Network Settings
    Choose Automatic proxy configuration URL, and paste the following:


Don’t forget to substitute for, and don’t lose HTTPS%20 before and ";} after.
You can also check “Do not prompt for authentication if password is saved” for convinience.

Firefox Proxy

Proxy Auto-Config (PAC) File

Remember that you first have to generate PAC file. ForwardProxy plugin for Caddy web server does that automatically.

PAC on Android

Open Wi-Fi settings → hold/tap on currently used Wi-Fi and choose “Modify Network” → In Advanced options set proxy to “Proxy Auto-Config” → Set PAC URL to whereever your PAC file is, for example,

PAC in Firefox

Open Menu (upper right corner) Preferences → Advanced → Network → Settings → Set Automatic proxy configuration URL to whereever your PAC file is, for example,

You can also specify full path to local PAC file.

PAC on Windows 7

Control Panel → Network and Internet → Internet Options → Connections → LAN settings → Check the “Use automatic configuration script” and specify url or path to your PAC file.

PAC on macOS

System Preferences → Network → Choose needed network and click “Advanced…” → Proxies → Check “Automatic Proxy Configuration” and specify url or path to your PAC file.

PAC on Linux Desktop

Depending on your OS some of the following options may be available to you

  • System Settings → Network → Network Proxy → Choose method “Authomatic” and specify url or path to your PAC file → Click “Apply System-Wide”


  • Right click on Network Manager in tray → Edit Connections → Choose connection to modify and click edit button → Proxy → Choose method “Authomatic” and specify url or path to your PAC file → Click “Save”