Not all proxies are created equally. In fact, many proxies have varying levels of eﬀectiveness in terms of speed, security, and routing protocols that make them quite diﬀerent for users.
The two main types of proxies used today are Hypertext Transfer Protocol (HTTP) proxies and Secure Socket (SOCKS) proxies. I am going to break down the diﬀerence between these two methods on a number of levels. I’ll refrain from extreme technical language (except where necessary) so that beginners who come across this can understand just as well as a fluent programmer.
I’ll make comparisons on functionality, speed, security, cost, availability, and practical use.
Before I dive into that, here’s a brief explanation of how the HTTP protocol functions in general, which both systems are built on.
HTTP protocol is the standard proxy protocol for the internet. It’s what you see in every web address: http://www.example.com. It’s so ingrained in my modern-aged brain that in many ways I don’t see it anymore — except when writing an article about it, of course.
The first thing to know about HTTP protocol functionality is that it’s based on the client-server model in a request-response scenario. In most cases the “client” is a web browser (i.e. you, using a web browser), and the client sends out a request for information. This request for information is an HTTP request, typed in as Uniform Resource Locator (URL). The “server,” meanwhile, is an application or another computer with that information. Upon receiving the request, the server sends the resources, which is a myriad of content like images or blocks of text, in an HTTP format back to the client.
For those scratching their heads, the process above is what happens you go to a website. You are the client, typing in http://facebook.com, and Facebook (the company) has a server somewhere that holds the information you want to see. HTTP is the method by which the request is made, and then also how the information is provided to you.
This protocol is essentially how the internet and web-based browsing is set up.
Proxies come into play when you want another layer in this client-server model. One might want another layer for anonymity, or security, or because the client or the server has a firewall set up and they can’t get through to each other.
HTTP proxies and SOCKS proxies are two diﬀerent types of layers. It gets a little confusing because “HTTP proxies” look very similar to “HTTP protocol.” While both types of proxies are both built on the HTTP protocol, they have some key diﬀerences.
HTTP Proxy Functionality
I’ll get into more specifics below, but the main standout feature for HTTP proxy functionality is that the they are built with the very specific HTTP protocol methods in mind. They are mainly used to fetch and receive within that protocol, rather than other types of network connections. This includes specific network ports, which all HTTP traﬃc is usually routed through.
Due to these factors, HTTP proxies are the more common of the two types, and are usually what people mean when they talk about proxy use. Public proxies, elite private proxies, and some VPN services all use HTTP proxies.
SOCKS Proxy Functionality
SOCKS proxies operate at what’s called a “lower level” than the HTTP proxy. This means the SOCKS proxies are more general, have more applications, and are not as smart. “Smart” in this sense has to do with programming and proxy methods understanding information that is passed, which I’ll talk about in the security section. Programmers also use the SOCKS proxies because, unlike the HTTP proxies which are tied into the HTTP protocol, SOCKS can work on any network protocol and on any port.
Due to this general use application of SOCKS proxies, they are used more often for non-specific HTTP protocol related matters, and are malleable to programmers in a way that HTTP proxies are not.
What most people talk about when they talk about the diﬀerence between SOCKS and HTTP proxies is how secure, or not, the two are. Proxies tend to be used specifically for anonymity and security, so it makes a lot of sense that this is the primary concern people have. I’ll break down how the two compare below.
HTTP Proxy Security
In general, HTTP proxies are not as secure as SOCKS. That’s true if you’re using an elite private proxy, a shared private proxy, or a public proxy (listed in descending order of safety).
The main reason HTTP proxies aren’t as secure? They are “smart.” It’s weird, I know. Usually intelligence implies a higher degree of safety, but in this particular protocol chain that’s just not true.
The security issue comes into focus when looking at the actual network traﬃc or data that passes between the client and server in the HTTP protocol. Due to this intelligence — which is really a simple way of saying how the proxy and protocol system is set up architecturally — the HTTP proxies can understand and interpret this traﬃc.
This means that the stream of data you, the client, are requesting can be seen by the proxy you are using. That means it might “see” the latest episode of Game of Thrones you downloaded, which is illegal to own without purchasing. It might also “see” a casual web search on woodpeckers. The proxy does not care how sensitive or not the data is, but the fact remains that it can read it.
This has led to a number of proxy provider scandals. For instance, popular VPN site HideMyAss! went on record as logging the data of a paying user who happened to be using its anonymity to help access and steal Sony information. The user’s actions were illegal, and HideMyAss! had every legal right to cough up the information.
That information could never have been tracked if HideMyAss! was built on a SOCKS proxies platform, rather than with HTTP proxies. In this particular case, the user was at fault. However, many users believe that HTTP proxies are highly secure — given names like “elite private proxy” — when in reality the companies that own them could be logging said data.
HTTP Proxy Caveat
There is a digital caveat to this whole notion that HTTP proxies are not secure. Many of us are now familiar with HTTPS instead of HTTP — the “S” is commonly associated with a more secure website. In Google Chrome a small padlock icon appears on websites that have https:// at the beginning, rather than http://. This is possible through the CONNECT method, which allows an HTTP proxy to establish a secure and direct connection between client and server, also known as a tunnel.
If you’re looking at buying HTTP proxies, ask the provider if they support the CONNECT method. If they do, you can get great security out of certain connections. If not, you run the risk of your data being read.
SOCKS Proxy Security
As you can probably guess, SOCKS proxies are more secure than HTTP proxies. The main reason this is true is because SOCKS cannot read the data being passed between client and server. It is dumb, in a sense, and that ignorance makes it none the wiser to whatever information happens to be passing between the client and server.
The technical process behind this has to do with the SOCKS proxy method of connection, which is called tunneling. With an HTTP proxy, the client and server exchange information through the proxy itself, which stands as a middle man between the two web-based interfaces. With SOCKS tunneling, the client makes a direct request to the client, and with express permission (called a handshake) the tunnel is opened.
This is a TCP/IP-based connection, and it is extremely secure because of its directness and sheer transparency. It is clear when the tunnel is open, and it is clear that the SOCKS proxy cannot access the data in the tunnel.
SOCKS proxies have two main versions, 4 and 5. The most recent version, SOCKS5, adds even more support for security and UDP. For the basic user, either version of
SOCKS will work well, and both are very secure.
For reference, Tor , the ultra-anonymous and secure site, is built on SOCKS proxy technology.
When it comes to proxies, the next thing people are concerned with is speed. Having a middle-man route all traﬃc to and from your IP address is a great way to get bogged down, so speed is always a question. I’ll compare HTTP and SOCKS proxy speed below.
HTTP Proxy Speed
HTTP proxies are the definition of a middle-man, so you’re sure to come up against at least a slight drop in speed. With that said, HTTP proxies are the more common of the two types, so speed is an issue much addressed by providers.
There are three general types of HTTP proxies, and they each have diﬀerent speeds:
- Public proxies. These are free proxies found on proxy lists, and are terribly slow. Thousands of people could be trying to use a single proxy, and all that data tends to cut down on speed. Also, these proxies are not secure, so I don’t recommend using them.
- Shared private proxies. Not every proxy provider has this option, but SquidProxies, one of the most popular providers, has You have to pay for these and they are typically shared between a few number of customers. You get cheaper access to a semi-private proxy in this way, and can theoretically use the full speed of a private proxy, which hovers around the advertised 1,000 mb/s. However, your proxy-sharing mates might be bandwidth hogs, so your speeds could decrease seriously.
- Elite private proxies. These are the cream of the crop when it comes to HTTP proxies, and often have advertised speeds of more than 1,000 mb/s. Individuals don’t typically have data connections that can handle those speeds, which means an elite private proxy should not slow down your speeds at all. However, proxies are proxies, and if there’s any issues with the middle-man, you’ll notice the speed shift.
There is an exception to this rule, and it has to do with HTTP proxy caching. Some higher-end proxies have the ability to cache content before you see it, which will make browsing much more fluid. Content like images, videos, and GIFs may actually appear faster than without a proxy because of this ability.
SOCKS Proxy Speed
When it comes down to it, SOCKS proxies are still proxies, and don’t function that much faster or slower than HTTP proxies. The speed will ultimately result in your proxy provider’s settings, which, as I said above, can be upwards of 1,000 mb/s, or much slower than that.
From a computational standpoint, SOCKS proxies require less coding to run. This can increase speed in some cases, but most people won’t notice the shift.
The one aspect where SOCKS proxy speed is much highers when downloading or transferring a large amount of content. Due to the direct tunnel of the SOCKS proxy, this content can be transferred more quickly. It is the preferred proxy type for BitTorrent because of this.
This, much like speeds, depends significantly on your proxy provider. Even costs for HTTP proxies can vary widely, and there are a huge number of providers out there. Some are excellent and well-respected, others are not. Do your research when seeking out a proxy provider. Search forums like Black Hat World and Warrior Forum, and contact customer support if you’re unsure.
Some proxy providers will include both HTTP proxies and SOCKS proxies (usually SOCKS5) in their packages. Those that do, like TorGuard, tend to be a little more expensive than your typical HTTP proxy provider.
You can check what types providers oﬀer before you purchase, either through customer service or in the FAQ section of their website. Very few services provide just SOCKS proxies. Typically services will include both.
This makes SOCKS proxies a bit more expensive, because if you don’t need them, you can purchase a cheaper plan from just HTTP proxy providers.
Hopefully you have a much better understanding of the diﬀerence between HTTP and SOCKS proxies now. As I said earlier, I did my best not to get into the super technical language that goes along with these diﬀerences.
That technical stuﬀ does exist, though, and you can search the Wikipedia pages linked above at your leisure, or ask pertinent questions on Black Hat World.
Each proxy type has a use, so when choosing one consider what specifically you’ll be using it for, then make your decision.