Skip to main content
3proxy is a lightweight proxy server. Bring it up on a VPS and you get your own static IP with a username and password for scraping, multi-accounting, or getting around geo-blocks. Commands are for Ubuntu/Debian, as root.
Commands are current as of writing. Before installing, check the official repo 3proxy/3proxy — package names and config syntax change between versions.
This is a single IP from a single datacenter. Sites with anti-fraud often flag datacenter addresses, and under load such an IP is easy to burn out. For serious scraping and multi-accounting you usually need a pool of residential or mobile addresses with rotation — see the block at the end.

What you’ll need

Installation

3proxy has ready-made .deb packages in the releases on GitHub.
1

Download the package

Follow the link, find the latest release, copy the version number (for example 0.9.4), and substitute it for X.Y.Z:
wget https://github.com/3proxy/3proxy/releases/download/X.Y.Z/3proxy-X.Y.Z.x86_64.deb
For example, for version 0.9.4:
wget https://github.com/3proxy/3proxy/releases/download/0.9.4/3proxy-0.9.4.x86_64.deb
Check the exact name of the .deb file on the release page — some builds have a different architecture suffix (for example, amd64 instead of x86_64).
2

Install the package

apt install ./3proxy-X.Y.Z.x86_64.deb
3

Check the version

3proxy --help

Config

Describe the proxy in /etc/3proxy/3proxy.cfg:
nano /etc/3proxy/3proxy.cfg
A minimal working config with username-and-password authentication:
nserver 1.1.1.1
nserver 8.8.8.8

users user:CL:strongpassword

auth strong
allow user

proxy -p3128
socks -p1080
What’s what here:
LineWhat it does
nserverDNS servers for resolving names
users user:CL:strongpasswordusername and password; CL means the password is stored in plain text in the config
auth strongrequire authentication (won’t let anyone in without a username and password)
allow usergrant access to this user
proxy -p3128HTTP proxy on port 3128
socks -p1080SOCKS5 proxy on port 1080
Be sure to keep auth strong and a user with a password (or an IP restriction). Bots find a proxy with no authentication within hours and start pushing other people’s traffic through it — this hurts the IP’s reputation and risks abuse reports.

Start and enable on boot

Turn on the service and add it to startup:
systemctl enable --now 3proxy
Check that the service came up: systemctl status 3proxy. If the system says there’s no 3proxy unit, the package didn’t install a systemd service — run the proxy manually (3proxy /etc/3proxy/3proxy.cfg) or build a unit following the instructions from the release.
After editing the config, restart the service:
systemctl restart 3proxy

Open the ports in the firewall

If ufw is on, open only the ports you actually use:
ufw allow 3128/tcp
ufw allow 1080/tcp
More on the firewall: Firewall (ufw).

Verify

From your local machine, check that the proxy returns the server’s IP:
curl -x http://user:strongpassword@IP:3128 https://api.ipify.org
The reply should be your VPS’s IP. For SOCKS5 — curl -x socks5://user:strongpassword@IP:1080 https://api.ipify.org.
Need a pool of residential or mobile addresses with rotation rather than a single datacenter IP? That’s a separate “Proxies” product — set it up in @lumiproxy_bot. Your own 3proxy on a VPS is a single datacenter IP; it doesn’t provide rotation or residential addresses.

Lumi handles the server and network; software setup is on you. Network or port issues — message @lumisup_robot.

Where to next

Firewall

Open the proxy ports the right way.

WireGuard

A personal VPN instead of a proxy — all traffic through the server.