Explainer

What Is a Proxy? A Plain-English Explanation

What is a proxy? A server that makes web requests for you, so the site sees its IP instead of yours. How proxies work, the types that matter, and what a proxy is not.

HProxy Team · ·Updated July 18, 2026 ·6 min read
HProxy. Explainer

Skip the dead lists.

Our free proxy list re-checks every exit every few minutes across 100+ countries, with a live last-checked time, so you copy IPs that worked moments ago, not a stale text dump.

Open the free proxy list

Somewhere between deciding to scrape a website, unblock a service, or run more than one account, everyone hits the same instruction: "use a proxy." It gets repeated constantly and explained almost never, as if the word carries its own meaning. It does not. A proxy is a specific, simple piece of infrastructure, and once you see what it actually does, every other proxy decision (residential or datacenter, HTTP or SOCKS5, rotating or static) stops being jargon and starts being a set of obvious trade-offs.

We run a proxy network, so here is the ground-floor explanation with nothing sold: what a proxy is, how the relay actually works, the two things that make one proxy different from another, and the three things a proxy is quietly not.

What is a proxy?

A proxy is an intermediary server that makes internet requests on your behalf. Your traffic goes to the proxy first, the proxy forwards it to the website you are trying to reach, and the response travels back through the proxy to you. Because the request leaves from the proxy, the website sees the proxy's IP address instead of yours. That substitution is the entire job.

How a proxy works

Picture a normal request without a proxy: your device opens a connection straight to a website, and the site sees your real IP, the address your internet provider assigned you. Every website you visit learns that address, because it has to send the answer back somewhere.

A proxy inserts one hop. Your device connects to the proxy, hands it the request, and the proxy opens its own connection to the target. The only address the target ever sees is the point where the request finally leaves for the open internet, the exit IP, which now belongs to the proxy. Your own address stays off the conversation entirely.

This matters because to a website an IP address is an identity. The instant a request arrives, the site can look up who owns that address, roughly where it sits, and what kind of network it belongs to. Swap the exit IP and you change every one of those answers. That single lever, controlling the address a site reads you from, is what powers scraping without bans, seeing prices as a local shopper, verifying ads by country, and keeping separate accounts looking separate.

Forward and reverse: the word points two ways

When most people say "proxy" they mean a forward proxy: the kind you configure your own software to use, working on your behalf to reach the internet. There is a mirror image called a reverse proxy that sits in front of a website's own servers (Cloudflare and nginx are the common examples), working for the site, not for you. When you buy a proxy to change what a site sees, you are always buying a forward proxy. The distinction trips up a surprising number of conversations, so we untangled it fully in forward vs reverse proxy.

The two things that actually vary

Every proxy does the same relay. What separates one from another comes down to two independent choices.

The protocol you speak to it. This decides what kind of traffic the proxy can carry. An HTTP proxy understands web requests and is the default for browsers and scrapers. A SOCKS5 proxy sits lower down and relays any TCP or UDP connection without caring what rides inside, which is why it handles email, torrents, game clients, and anything that is not a web page. We put them head to head in HTTP vs SOCKS5 proxy and break down the SOCKS side in what is a SOCKS5 proxy.

Where the IP comes from. This decides how much a website trusts you, and it is where most of the price difference lives. The main sources:

  • Datacenter, an IP owned by a hosting company. Fast and cheap, but easy for a defended site to spot as non-residential.
  • Residential, a real home connection borrowed from a consumer internet provider. It reads as an ordinary person, which is why defended targets let it through. See what is a residential proxy.
  • ISP, a static IP registered to a consumer provider but hosted on datacenter hardware, so it combines residential trust with datacenter speed. See what is an ISP proxy.
  • Mobile, an IP from a cellular carrier, the hardest of all to block because carriers share one address across many real users. See what is a mobile proxy.

Protocol and source are independent: you can have an HTTP residential proxy or a SOCKS5 datacenter proxy or any other combination. Pick the protocol for the traffic, and the source for how suspicious the target is.

Three things a proxy is not

The fastest way to misuse a proxy is to expect something it never provided.

A proxy is not encryption. A standard proxy relays your bytes, it does not scramble them. What keeps your data private is the site's own HTTPS, which works through the proxy regardless. On a plain HTTP site, a plain HTTP proxy operator can read everything. Never mistake a proxy for a security layer.

A proxy is not a VPN. A VPN encrypts and routes your whole device to its server; a proxy typically routes one app and adds no encryption of its own. Different scope, different job, and we lay out when each wins in free proxy vs VPN.

A proxy is not automatic anonymity. The IP is only the first signal a site reads. A transparent proxy even leaks your real address in an X-Forwarded-For header, while headers, TLS fingerprint, cookies, and behavior all still describe you. A clean exit IP is a strong start, not a cloak. We take the whole detection stack apart in how websites detect proxies.

So which proxy do you need?

Start from the target, not the price tag. If the site barely checks, a cheap datacenter IP over HTTP does the job and anything fancier is wasted money. If the target has a real bot team, you want a residential or ISP IP that reads as a genuine user, and the protocol simply follows whatever your tool speaks.

When you are ready, our residential proxies are real, ethically sourced home IPs from $0.65/GB with no signup and a balance that never expires, and every plan answers on both HTTP and SOCKS5. You can start free: pull live IPs from our free proxy list and run any address through the proxy checker to see exactly what a website would, the network behind it, the anonymity grade, and the real exit location. Understand the relay first, and every proxy you buy after that is a deliberate choice instead of a guess.

Sources and further reading

  • RFC 9110: HTTP Semantics. Section 3.7 defines a proxy as "a message-forwarding agent that is chosen by the client," the formal version of the relay described here.
  • MDN, "Proxy servers and tunneling". How forward proxies represent clients, how reverse proxies represent servers, and how the X-Forwarded-For header carries the original IP.

Frequently asked questions

What is a proxy in simple terms?
A proxy is a server that sits between you and the internet and makes requests on your behalf. Instead of your computer connecting to a website directly, it connects to the proxy, the proxy connects to the website, and the reply comes back the same way. The website sees the proxy's IP address, not yours, which is the whole reason people use one.
What is the difference between a proxy and a VPN?
Scope and encryption. A proxy usually routes one app or one browser and does not add encryption of its own. A VPN routes your entire operating system through an encrypted tunnel to its server. A proxy is the lighter, more surgical tool when you only need to change the IP one program uses; a VPN is the heavier, whole-device option.
Does a proxy hide my IP address?
From the destination website, yes: the site sees the proxy's exit IP instead of yours. How well it hides your IP depends on the proxy, though. A transparent proxy actually forwards your real address in a header, while an elite one adds nothing. And the IP is only one signal a site reads, so a proxy changes what address you appear from, not your entire digital fingerprint.
Does a proxy encrypt my traffic?
Not by itself. A standard proxy relays your bytes without adding encryption. What protects your data is the site's own HTTPS (TLS), which works through the proxy either way. On a plain HTTP site with a plain HTTP proxy, the operator can read everything you send, so never treat a proxy as a security layer on its own.
Are there different types of proxy?
Yes, along two axes. One is the protocol you speak to it: HTTP, HTTPS, or SOCKS5. The other is where its IP comes from: a data center, a real home connection (residential), an ISP-registered static IP, or a mobile carrier. The protocol decides what traffic it can carry; the IP source decides how much a website trusts it.
Is using a proxy legal?
In most countries, yes. A proxy is just a relay, and relaying your own traffic is not illegal. What can cross a line is what you do through it, such as breaking a site's terms of service or a local law. The other honest concern is sourcing: for residential proxies, only use pools built from people who agreed to share their connection.

Get proxies that are alive right now

Our free list re-checks every exit every few minutes and shows a last-checked time, so you copy IPs that worked moments ago, not a stale text dump. When the location has to survive a real check, the paid network holds up.

47M+ proxy checks run · 100+ countries · HTTP / HTTPS / SOCKS · re-checked every few minutes · no signup