If you have ever used a web proxy and thought that you are completely safe, then think again. Some common web proxies that claim to provide anonymity are far from offering anonymous surfing. A website called “IP check” can be used to check how secure you are even when connected via a web proxy server. The truth is that most web proxies fail the test for anonymity.

Running JavaScript with the proxy

Breaking proxies all boils down to disabling JavaScript. If a Web proxy allows JavaScript to be executed, then the protection is literally lifted. Since proxies use JavaScript methods for IP protection, all a website needs to do is override these methods that are meant to prevent an attack. Once this basic protection is lifted, web resources can then be “unproxified” and reveal a direct IP connection to a user.

Proxy DeanonymizationBreaking a proxy with invalid HTML code

Breaking a proxy can also be done by introducing invalid HTML code. Since web proxies interpret HTML code differently from your browser, omitting even one link of a website link such as an image or style will make it vulnerable to being bypassed. Enabling JavaScript will further make it impossible for the proxy to reach the real test site without providing full anonymity.

Solution = disable Javascript scripts?

The only way to resist this attack is to disable all JavaScript plugins and scripts. Doing this will make it almost impossible to surf the web with a proxy since most sites need JavaScript-enabled browsers for navigation. Browser plugins like Flash and Java are also vulnerable to deanonymization and should, therefore, be deactivated. Alternatively, a proxifier software can be used to force Flash and Java to use a proxy in order to protect your IP address.


There are, however, proxies that provide anonymity. Using a tool like IP Check can help you determine which proxies are more secure and how deep the proxy security goes. If you are sending private sensitive data, it is advisable to avoid using proxies altogether just to be on the safe side.