Using the method described in my previous article, you can easily see the benefit to bypass censorship. By using the set up previously described, you can encrypt all your traffic through the proxy and therefore appear as if you are only having one long SSH connection.
But in addition, it can be a good idea to configure firefox to use the proxy to resolve the DNS requests (in case the DNS server you are using are “filtered”). To do so, type “about:config” in the adress bar and change the setting of network.proxy.socks_remote_dns from false to true as shown below.
If you enjoy Pandora or any content that is restricted to the USA, it is quite annoying when you cannot access it because you are out of the country (Ha! Good old Europe).
Fortunately, proxies can help you fix the problem quite easily. I used to employ GPass. It is an easy solution to use under Windows but last time I tried to start it, it couldn’t find any tunnel. There is however an alternative solution to put in place if you have a web host in the USA with SSH connection: create your own proxy tunnel.
The process is simple:
Create a SSH tunnel
Configure your web browser to use the tunnel.
Create a SSH tunnel
To create a tunnel, open a console (if you are using Windows, you can use Mobaxvt that I described here) and enter the following:
ssh -ND localhost:5555 user@host.com
The options are explained below but you can have more details here.
-N Do not execute a remote command. -D port Specifies a local "dynamic" application-level port forwarding. user@host.com Your ssh credentials and webhost address
In other words, we open a remote session and traffic will be redirected to port 5555 of our machine.
Configure your web browser
I am using firefox with the FoxyProxy extension. This extension allows to use different proxy settings depending on the websites that you are visiting. In other terms, not all your traffic need to go through your webhost… only Pandora (and whatever else you feel like).
Once the new proxy is created, configure the proxy as a SOCKS proxy v5, with the configuration given above (address: localhost, port:5555) as illustrated in the screenshot below.
Then, you can configure foxyproxy to use patterns as shown below and you should now have access to Pandora (or whatever you configure) from wherever you are.
I guess that you have already been in a situation where you couldn’t access some websites whether you are at school, work, library, or in some country that practices censure.
There are many proxies (thanks Korben for the info) that you can use to bypass these limitations but they can be slow and / or with a lot of ads and pop-up windows. But if you have your own web hosting, there is an easy way to avoid these drawbacks: install your own proxy1. In order to do so, you simply need:
A web hosting that allows you to execute cgi scripts.
Installation is pretty straightforward but here are a few words about it. The first thing is to identify where your server allows you to put PERL scripts. In most cases it is probably in the cgi-bin directory at the root of your website but for what I have read some web hosters allow you to put it anywhere. The second thing is to identify the PERL path and modify the first line of the file you have dowloaded according to this information. If you can access your webhosting through CPanel, look at the bottom of the home page and you may see something like “Perl Path: /usr/bin/perl”
If you have an SSH access, you can also try the command “which perl”. Most of the time, the path is the one given above or the one coming with the file.
Once you have transfered the nph-proxy.cgi to your server in the correct directory, you should be able to access it and see something like that:
Don’t hesitate to read the documentation on the author website since many options exist to customize your proxy. You can restrict access to some websites, ban some IP addresses to limit access to your proxy, customize the header of the pages accessed trough your proxy, etc…
1 Of course, your website shoudn’t been blocked itself so that you can use it as a proxy. You can try to see if you can access your website from China here.
