What is a SOCKS5 proxy?

A SOCKS5 proxy is an intermediary server that forwards your app’s network traffic to a destination on your behalf. The destination sees the proxy’s IP, not your device’s IP.

TL;DR: SOCKS5 is a flexible proxy that works with many apps and protocols (TCP + UDP). It doesn’t encrypt traffic by itself.

How SOCKS5 works (simple)

When you configure an application to use a SOCKS5 proxy, it typically goes like this:

  1. Your client connects to the proxy (example: proxy.example.com:1080).
  2. Optional: the proxy requires authentication (none / username+password / GSS-API).
  3. Your client tells the proxy the destination (host + port).
  4. The proxy opens the connection and pipes data back and forth.
Important: SOCKS5 does not encrypt your traffic by itself. If the app connection isn’t already encrypted (TLS/HTTPS), a network observer can still read it.

SOCKS5 authentication methods

SOCKS5 supports multiple authentication options:

Method What it means
None ("no auth") Anyone who can reach the proxy can use it.
Username / password A login is required before traffic is forwarded.
GSS-API Uses OS security mechanisms (Kerberos/NTLM, etc.).
Tip: Prefer authenticated SOCKS5 wherever possible. Open, unauthenticated proxies are easy to abuse and often unreliable.

SOCKS5 vs SOCKS4

  • SOCKS4: TCP only, no modern authentication, largely obsolete.
  • SOCKS5: TCP + UDP, supports authentication, more widely useful in modern apps.

If a tool supports both, choose SOCKS5.

SOCKS5 vs HTTP / HTTPS proxies

HTTP proxy

  • Works at the web-request layer (HTTP/HTTPS).
  • Great for web browsing, caching, or content filtering.
  • Not ideal for non-web protocols and many non-browser apps.

HTTPS proxy

  • Essentially an HTTP proxy with TLS between your client and the proxy.
  • Helps protect web traffic on untrusted networks.
  • Still primarily web-focused.

SOCKS5

  • Works at a lower level: forwards many kinds of traffic without interpreting it.
  • Often used for apps like email clients, games, messaging apps, and some P2P tools.
  • Usually simpler/more reliable for non-web traffic.

When a SOCKS5 proxy is useful

  • Testing how a service behaves from another IP/location
  • Routing traffic through a controlled gateway
  • Using apps that support SOCKS5 but not HTTP proxies
  • UDP-heavy use cases (some games/voice apps), where supported

Quick test (verify it works)

A quick way to confirm your proxy is in use is to check your public IP through it.

# SOCKS5 with proxy-resolved DNS (recommended to reduce DNS leaks)
curl --socks5-hostname proxy.example.com:1080 https://ifconfig.me

# SOCKS5 with username/password
curl --socks5-hostname user:[email protected]:1080 https://ifconfig.me
Tip: Use --socks5-hostname (or socks5h in some tools) so the proxy does DNS resolution. Otherwise your machine may resolve DNS locally.

Safety notes (read this)

  • A proxy can hide your IP, but it does not guarantee anonymity.
  • Treat free/open proxies as untrusted (logging, injection, instability).
  • Prefer providers you control or trust, and use end-to-end encryption (HTTPS/TLS/VPN) when confidentiality matters.