v1.9.4-99ab90b
← Back to Hex Proxies

Protocol Support

Complete protocol coverage with HTTP, HTTPS, and SOCKS5 support including CONNECT tunneling and TLS passthrough.

Get Started
3
Protocols
1.2 & 1.3
TLS Version
Supported
CONNECT Tunnel
Supported
UDP via SOCKS5

Full Protocol Coverage for Every Use Case

Different applications require different proxy protocols. A web scraper needs HTTP or HTTPS. A network testing tool might need SOCKS5. A custom application might need raw TCP proxying. Hex Proxies supports all three major proxy protocols across every proxy type, so you never need to switch providers based on protocol requirements.

HTTP Proxy Protocol

HTTP proxying is the most common proxy protocol. When your application sends a request through an HTTP proxy, it sends the full target URL as part of the HTTP request line, and the proxy forwards the request to the target server.

Hex Proxies' HTTP proxy implementation supports all standard HTTP methods (GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS) and passes through all request and response headers faithfully. We do not inject, modify, or strip headers unless you explicitly configure header management rules.

HTTP proxying works with any HTTP client library in any programming language. Configuration typically requires setting a single environment variable or passing a proxy URL to your HTTP client constructor.

HTTPS and CONNECT Tunneling

For HTTPS requests, the standard approach is the HTTP CONNECT method. Your application sends a CONNECT request to the proxy, specifying the target host and port. The proxy establishes a TCP connection to the target and then acts as a transparent tunnel, passing encrypted bytes in both directions without inspection.

This is a critical security property: Hex Proxies never sees the plaintext content of your HTTPS requests. We see the target hostname (from the CONNECT request) and the encrypted bytes, but we cannot read request bodies, response bodies, cookies, or any other content protected by TLS.

Our CONNECT implementation supports TLS 1.2 and TLS 1.3. The TLS version used for the proxy connection (between your application and our gateway) is independent of the TLS version used for the target connection (between our egress IP and the target server). This means you get modern encryption on both legs.

SOCKS5 Protocol

SOCKS5 is the most versatile proxy protocol. Unlike HTTP proxying, which only handles HTTP traffic, SOCKS5 can proxy any TCP or UDP traffic. This makes it suitable for applications beyond web browsing, including FTP clients, email clients, database connections, and custom TCP-based protocols.

Our SOCKS5 implementation supports both TCP and UDP ASSOCIATE commands. Authentication is handled via the SOCKS5 username/password authentication method (RFC 1929). We also support the no-authentication method when combined with IP whitelist access control.

SOCKS5 is the recommended protocol when your application handles its own DNS resolution (SOCKS5 supports remote DNS via the DOMAIN address type) or when you need to proxy non-HTTP traffic.

Protocol Selection Guide

Choose HTTP proxy protocol when you are building web scrapers, API clients, or any application that exclusively makes HTTP/HTTPS requests. HTTP proxy configuration is simpler and is supported by every HTTP client library.

Choose SOCKS5 when you need protocol flexibility, when your application is not purely HTTP-based, or when you need to control DNS resolution (local vs. remote). SOCKS5 adds slightly more configuration complexity but provides maximum flexibility.

For most web-focused use cases, HTTP/HTTPS is the right choice. For specialized applications or when you need the proxy to handle DNS resolution, use SOCKS5.

Authentication Across Protocols

All three protocols support the same authentication methods. You can authenticate using username and password (included in the proxy URL or SOCKS5 auth handshake) or via IP whitelist (no credentials needed in the request). API key authentication is also available for programmatic session management.

Authentication credentials are transmitted securely regardless of protocol. For HTTP/HTTPS proxying, we recommend connecting to our gateway over TLS to encrypt the proxy authentication exchange. For SOCKS5, the authentication handshake is part of the SOCKS protocol and should be protected by connecting to our SOCKS5 gateway over a secure channel.

Port Configuration

Our standard ports are 8080 for HTTP/HTTPS proxy and 1080 for SOCKS5. Enterprise customers can request custom port assignments. All ports support both IPv4 and IPv6 connections to our gateways.

Protocol Performance

HTTP proxying has the lowest overhead because the protocol is simple and well-optimized in all HTTP client libraries. SOCKS5 adds a small handshake overhead (typically 10 to 20 milliseconds) for the protocol negotiation and authentication exchange. Once the SOCKS5 session is established, data transfer performance is identical to HTTP proxying.

Key Features

HTTP Proxy

Standard HTTP proxy protocol for web requests. Supports GET, POST, and all HTTP methods with full header passthrough.

HTTPS / CONNECT Tunnel

CONNECT method creates an encrypted tunnel to the target. Hex Proxies never inspects or decrypts your HTTPS traffic.

SOCKS5 Proxy

Protocol-agnostic SOCKS5 support for any TCP or UDP traffic. Works with applications beyond HTTP including FTP, SMTP, and custom protocols.

TLS 1.3 Support

Our gateways support TLS 1.2 and TLS 1.3 for the proxy connection itself, ensuring modern encryption for your authentication credentials.

Ready to Get Started?

Experience our enterprise-grade proxy network infrastructure.

Create AccountView Pricing

Related Resources

HTTPS Proxies

Secure HTTPS proxy connections with SSL encryption. Available on residential and ISP plans for encrypted browsing and data collection.

HTTPS Proxy Performance

Benchmarking HTTPS proxy performance including TLS handshake overhead and cipher negotiation.

SOCKS5 vs HTTP Proxy Benchmark

Head-to-head comparison of SOCKS5 and HTTP proxy protocols across performance dimensions.

Residential Proxies

Rotating residential IPs from 100+ countries with city-level targeting.

Cookie Preferences

We use cookies to ensure the best experience. You can customize your preferences below. Learn more