Proxy Configuration for cURL and wget: Complete Reference
Last updated: April 2026 | Author: Hex Proxies Team
TL;DR: cURL and wget are the most common command-line HTTP tools, and both support proxy configuration through flags, environment variables, and config files. This reference covers every proxy configuration method for both tools, including authenticated proxies, SOCKS5 support, SSL/TLS through proxies, and troubleshooting common issues. All examples use gate.hexproxies.com:8080 as the proxy endpoint.
Whether you are testing proxy connections, building shell-based scraping scripts, debugging network issues, or automating data collection from cron jobs, cURL and wget are the foundational tools. Both support HTTP, HTTPS, and SOCKS proxies, but their configuration syntax and behavior differ in important ways. This reference covers every configuration method for both tools.
cURL Proxy Configuration
Basic Proxy Flag
The -x or --proxy flag sets the proxy for a single request:
# HTTP proxy
curl -x http://gate.hexproxies.com:8080 https://httpbin.org/ip
# With authentication
curl -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://httpbin.org/ip
# With geo-targeting (Hex Proxies password suffix)
curl -x http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080 https://httpbin.org/ip
# With city-level targeting
curl -x http://USERNAME-country-us-st-california-city-losangeles:PASSWORD@gate.hexproxies.com:8080 https://httpbin.org/ipSOCKS5 Proxy
# SOCKS5 proxy
curl --socks5 gate.hexproxies.com:8081 https://httpbin.org/ip
# SOCKS5 with authentication
curl --socks5 gate.hexproxies.com:8081 --proxy-user USERNAME:PASSWORD https://httpbin.org/ip
# SOCKS5 with DNS resolution through proxy
curl --socks5-hostname gate.hexproxies.com:8081 --proxy-user USERNAME:PASSWORD https://httpbin.org/ipSeparate Authentication Flag
Instead of embedding credentials in the URL, use --proxy-user:
# Separate auth flag (avoids credentials in process list)
curl -x http://gate.hexproxies.com:8080 \
--proxy-user "USERNAME-country-us:PASSWORD" \
https://httpbin.org/ipEnvironment Variables for cURL
# Set proxy for all cURL requests in this shell session
export http_proxy="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080"
export https_proxy="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080"
# Now all cURL requests use the proxy automatically
curl https://httpbin.org/ip
curl https://example.com
# Uppercase variants (some systems require these)
export HTTP_PROXY="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080"
export HTTPS_PROXY="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080"
# Bypass proxy for specific hosts
export no_proxy="localhost,127.0.0.1,.internal.example.com"cURL Configuration File (~/.curlrc)
# ~/.curlrc — applied to every cURL request
proxy = "http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080"
# Optional: set a default user agent
user-agent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/133.0.0.0"
# Optional: follow redirects
locationAdvanced cURL Options
# Verbose output for debugging proxy connection
curl -v -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://httpbin.org/ip
# Set timeout for proxy connection
curl --proxy-connect-timeout 10 -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://example.com
# Use HTTP/2 through proxy
curl --http2 -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://example.com
# Download file through proxy
curl -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 -o output.html https://example.com
# POST request through proxy
curl -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 \
-X POST \
-H "Content-Type: application/json" \
-d '{"key": "value"}' \
https://api.example.com/endpoint
# Follow redirects through proxy
curl -L -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://example.com/redirect
# Multiple requests with different geo-targets
curl -x http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080 https://example.com -o us.html
curl -x http://USERNAME-country-gb:PASSWORD@gate.hexproxies.com:8080 https://example.com -o uk.html
curl -x http://USERNAME-country-de:PASSWORD@gate.hexproxies.com:8080 https://example.com -o de.htmlwget Proxy Configuration
Command-Line Flags
# Basic proxy usage
wget -e use_proxy=yes \
-e http_proxy="http://USERNAME:PASSWORD@gate.hexproxies.com:8080" \
-e https_proxy="http://USERNAME:PASSWORD@gate.hexproxies.com:8080" \
https://httpbin.org/ip
# With geo-targeting
wget -e use_proxy=yes \
-e http_proxy="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080" \
-e https_proxy="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080" \
https://httpbin.org/ip
# Download file through proxy
wget -e use_proxy=yes \
-e http_proxy="http://USERNAME:PASSWORD@gate.hexproxies.com:8080" \
-e https_proxy="http://USERNAME:PASSWORD@gate.hexproxies.com:8080" \
-O output.html \
https://example.comEnvironment Variables for wget
# Same environment variables work for wget
export http_proxy="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080"
export https_proxy="http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080"
# wget respects these automatically
wget https://httpbin.org/ipwget Configuration File (~/.wgetrc)
# ~/.wgetrc — applied to every wget request
use_proxy = on
http_proxy = http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080
https_proxy = http://USERNAME-country-us:PASSWORD@gate.hexproxies.com:8080
# Optional settings
user_agent = Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/133.0.0.0
timeout = 30
retries = 3Recursive Download Through Proxy
# Mirror a site through proxy (be respectful of robots.txt)
wget -e use_proxy=yes \
-e http_proxy="http://USERNAME:PASSWORD@gate.hexproxies.com:8080" \
-e https_proxy="http://USERNAME:PASSWORD@gate.hexproxies.com:8080" \
--mirror \
--convert-links \
--adjust-extension \
--page-requisites \
--no-parent \
--wait=2 \
--random-wait \
https://example.com/docs/Configuration Method Comparison
| Method | cURL | wget | Scope | Best For |
|---|---|---|---|---|
| Command-line flag | -x URL | -e http_proxy=URL | Single request | Quick testing, one-off requests |
| Environment variable | http_proxy / HTTP_PROXY | http_proxy | Shell session | Scripts, batch operations |
| Config file | ~/.curlrc | ~/.wgetrc | All requests for user | Persistent proxy usage |
| Separate auth flag | --proxy-user | Not available (use URL auth) | Single request | Avoiding credentials in URLs |
| No-proxy bypass | --noproxy or no_proxy | no_proxy env var | Exclusion list | Bypassing proxy for internal hosts |
Troubleshooting Common Issues
407 Proxy Authentication Required
# Problem: proxy returns 407
curl -v -x http://gate.hexproxies.com:8080 https://example.com
# Output: HTTP/1.1 407 Proxy Authentication Required
# Solution: include credentials
curl -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://example.comSSL/TLS Certificate Errors
# Problem: SSL certificate verification fails through proxy
# This is normal — the proxy uses CONNECT tunneling for HTTPS
# Solution: ensure you're using HTTPS proxy URL
curl -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://example.com
# NOT this (don't use https:// for the proxy URL itself unless the proxy supports it)
# curl -x https://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://example.comConnection Timeout
# Problem: proxy connection times out
# Diagnose: test proxy connectivity
curl -v --proxy-connect-timeout 5 -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://httpbin.org/ip
# Check if port 8080 is accessible from your network
nc -zv gate.hexproxies.com 8080
# Try with longer timeout
curl --proxy-connect-timeout 30 --max-time 60 -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://example.comSpecial Characters in Password
# Problem: password contains special characters (@, :, !, etc.)
# Solution: URL-encode the special characters
# @ = %40, : = %3A, ! = %21, # = %23, $ = %24
# If password is "p@ss:word!"
curl -x http://USERNAME:p%40ss%3Aword%21@gate.hexproxies.com:8080 https://example.com
# Or use --proxy-user to avoid URL encoding
curl -x http://gate.hexproxies.com:8080 --proxy-user 'USERNAME:p@ss:word!' https://example.comShell Scripting Patterns
Batch Requests with Geo-Rotation
#!/bin/bash
# Fetch a URL from multiple countries through Hex Proxies
USERNAME="YOUR_USERNAME"
PASSWORD="YOUR_PASSWORD"
GATEWAY="gate.hexproxies.com:8080"
TARGET_URL="https://example.com/pricing"
COUNTRIES=("us" "gb" "de" "fr" "jp" "au" "br" "in")
for country in "${COUNTRIES[@]}"; do
echo "Fetching from $country..."
curl -s -o "output_${country}.html" \
-x "http://${USERNAME}-country-${country}:${PASSWORD}@${GATEWAY}" \
-H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/133.0.0.0" \
--max-time 30 \
"$TARGET_URL"
echo " Status: $?"
sleep 2
doneProxy Connection Test Script
#!/bin/bash
# Test Hex Proxies connection and report IP
USERNAME="YOUR_USERNAME"
PASSWORD="YOUR_PASSWORD"
GATEWAY="gate.hexproxies.com:8080"
echo "Testing proxy connection..."
RESULT=$(curl -s --max-time 10 \
-x "http://${USERNAME}-country-us:${PASSWORD}@${GATEWAY}" \
https://httpbin.org/ip)
if [ $? -eq 0 ]; then
echo "Proxy connection successful"
echo "Response: $RESULT"
else
echo "Proxy connection failed"
echo "Debugging with verbose output:"
curl -v --max-time 10 \
-x "http://${USERNAME}-country-us:${PASSWORD}@${GATEWAY}" \
https://httpbin.org/ip
fiSecurity Best Practices
- Never hardcode credentials in scripts committed to version control. Use environment variables or a secrets manager.
- Use
--proxy-userin cURL instead of embedding credentials in URLs, which appear in process listings (ps aux). - Set
no_proxyfor internal hosts to prevent internal traffic from routing through external proxies. - Use config files with restricted permissions:
chmod 600 ~/.curlrcto prevent other users from reading proxy credentials. - Rotate credentials periodically and update them across all configuration locations.
Frequently Asked Questions
Should I use cURL or wget for proxy-based scraping?
cURL is more versatile for proxy work: it supports SOCKS5 natively, offers more proxy-related flags (--proxy-user, --proxy-connect-timeout, --noproxy), and handles HTTP/2 through proxies. wget is better for recursive downloads and mirroring sites. For most proxy testing and scripting, cURL is the recommended tool.
Can I use Hex Proxies with cURL on Windows?
Yes. cURL is included in Windows 10/11 and works identically. Use the same -x flag with gate.hexproxies.com:8080. On PowerShell, set environment variables with $env:HTTP_PROXY = "http://USERNAME:PASSWORD@gate.hexproxies.com:8080".
How do I test if my proxy is working?
Use curl -x http://USERNAME:PASSWORD@gate.hexproxies.com:8080 https://httpbin.org/ip — it returns the IP address the target sees. If the IP is different from your real IP, the proxy is working. For more details, see our proxy troubleshooting guide.
Why does HTTPS through a proxy use HTTP for the proxy URL?
When you access an HTTPS site through an HTTP proxy, cURL sends a CONNECT request to the proxy, which creates a TCP tunnel. The actual TLS handshake happens end-to-end between your client and the destination server. The proxy URL itself uses http:// because the proxy connection is a control channel — your HTTPS traffic is encrypted inside the tunnel. This is secure and the standard behavior.
How do I configure proxies for cURL in Docker containers?
Set the proxy environment variables in your Dockerfile or docker-compose.yml. For Dockerfiles: ENV HTTP_PROXY=http://USERNAME:PASSWORD@gate.hexproxies.com:8080. For docker-compose, use the environment key. Never bake credentials into images — use Docker secrets or runtime environment variables. See residential proxy docs and ISP proxy docs for authentication details.