Proxy Configuration Guide
Proxy Configuration Guide
Section titled “Proxy Configuration Guide”The puppeteer-mcp project includes comprehensive proxy support for browser contexts, allowing you to route browser traffic through HTTP/HTTPS/SOCKS proxies. This feature supports authentication, health monitoring, automatic rotation, and failover capabilities.
Features
Section titled “Features”- Multiple Proxy Protocols: HTTP, HTTPS, SOCKS4, and SOCKS5
- Authentication Support: Username/password authentication for all proxy types
- Bypass Lists: Configure domains/IPs to bypass proxy
- Proxy Pools: Configure multiple proxies with automatic rotation
- Health Monitoring: Automatic health checks and failover
- Load Balancing: Multiple rotation strategies (round-robin, random, least-used, priority, health-based)
- Security: NIST-compliant implementation with secure credential handling
- Monitoring: Comprehensive metrics and alerting
Basic Usage
Section titled “Basic Usage”Single Proxy Configuration
Section titled “Single Proxy Configuration”const contextArgs = { sessionId: 'your-session-id', name: 'proxy-context', options: { proxy: { enabled: true, config: { protocol: 'http', host: 'proxy.example.com', port: 8080, auth: { username: 'user', password: 'pass', }, bypass: ['localhost', '*.internal.com'], }, }, },};
// Create context via MCPconst response = await mcpClient.callTool('createBrowserContext', contextArgs);Proxy Pool Configuration
Section titled “Proxy Pool Configuration”const contextArgs = { sessionId: 'your-session-id', name: 'pool-context', options: { proxy: { enabled: true, pool: { proxies: [ { protocol: 'http', host: 'proxy1.example.com', port: 8080, priority: 100, // Higher priority }, { protocol: 'socks5', host: 'proxy2.example.com', port: 1080, priority: 50, }, ], strategy: 'priority', // Use priority-based selection healthCheckEnabled: true, failoverEnabled: true, failoverThreshold: 3, // Failover after 3 consecutive failures }, rotateOnError: true, rotateOnInterval: true, rotationInterval: 3600000, // Rotate every hour }, },};Proxy Configuration Options
Section titled “Proxy Configuration Options”Protocol Types
Section titled “Protocol Types”http: Standard HTTP proxyhttps: HTTPS proxy with SSL/TLSsocks4: SOCKS4 proxysocks5: SOCKS5 proxy with optional authentication
Rotation Strategies
Section titled “Rotation Strategies”- round-robin: Cycles through proxies in order
- random: Randomly selects a proxy
- least-used: Selects the proxy with fewest requests
- priority: Selects based on configured priority values
- health-based: Selects based on health metrics and performance
Bypass Patterns
Section titled “Bypass Patterns”Configure domains/IPs to bypass the proxy:
bypass: [ 'localhost', // Exact match '127.0.0.1', // IP address '*.internal.com', // Wildcard subdomain '192.168.1.0/24', // IP range (CIDR notation) '10.*', // IP prefix];Advanced Configuration
Section titled “Advanced Configuration”Health Check Settings
Section titled “Health Check Settings”{ healthCheckInterval: 300000, // Check every 5 minutes healthCheckUrl: 'https://www.google.com', connectionTimeout: 30000, // 30 second timeout maxRetries: 3, // Retry failed requests 3 times rejectUnauthorized: true // Validate SSL certificates}Proxy Monitoring
Section titled “Proxy Monitoring”Enable proxy monitoring for detailed metrics:
import { proxyMonitor } from 'puppeteer-mcp/proxy';
// Start monitoringawait proxyMonitor.start();
// Listen for eventsproxyMonitor.on('proxy:unhealthy', ({ proxyId, error }) => { console.warn(`Proxy ${proxyId} is unhealthy: ${error}`);});
proxyMonitor.on('performance:alert', ({ proxyId, metric, value, threshold }) => { console.warn(`Performance alert for ${proxyId}: ${metric}=${value} (threshold: ${threshold})`);});
// Get current statusconst status = proxyMonitor.getStatus();console.log('Pool health:', status.currentMetrics.poolHealth);Security Considerations
Section titled “Security Considerations”Credential Management
Section titled “Credential Management”Network Security
Section titled “Network Security”- SSL certificate validation is enabled by default
- Set
rejectUnauthorized: falseonly for testing - Use bypass lists to exclude sensitive internal domains
- Monitor proxy health to detect potential issues
NIST Compliance
Section titled “NIST Compliance”The implementation follows NIST security controls:
- AC-4: Information flow enforcement
- SC-8: Transmission confidentiality and integrity
- IA-5: Authenticator management
- SI-4: Information system monitoring
- AU-3: Content of audit records
API Reference
Section titled “API Reference”CreateBrowserContextArgs
Section titled “CreateBrowserContextArgs”interface CreateBrowserContextArgs { sessionId: string; name?: string; options?: { proxy?: { enabled: boolean; config?: ProxyConfig; pool?: ProxyPoolConfig; rotateOnError?: boolean; rotateOnInterval?: boolean; rotationInterval?: number; }; };}ProxyConfig
Section titled “ProxyConfig”interface ProxyConfig { protocol: 'http' | 'https' | 'socks4' | 'socks5'; host: string; port: number; auth?: { username: string; password: string; }; bypass?: string[]; connectionTimeout?: number; requestTimeout?: number; maxRetries?: number; healthCheckInterval?: number; healthCheckUrl?: string; rejectUnauthorized?: boolean; name?: string; tags?: string[]; priority?: number;}ProxyPoolConfig
Section titled “ProxyPoolConfig”interface ProxyPoolConfig { proxies: ProxyConfig[]; strategy?: 'round-robin' | 'random' | 'least-used' | 'priority' | 'health-based'; healthCheckEnabled?: boolean; healthCheckInterval?: number; failoverEnabled?: boolean; failoverThreshold?: number; maxConcurrentChecks?: number;}Examples
Section titled “Examples”Web Scraping with Rotating Proxies
Section titled “Web Scraping with Rotating Proxies”// Configure a pool of proxies for web scrapingconst scrapingContext = { sessionId: 'scraping-session', name: 'scraper', options: { proxy: { enabled: true, pool: { proxies: [ // Add multiple proxies for rotation { protocol: 'http', host: 'proxy1.provider.com', port: 8080 }, { protocol: 'http', host: 'proxy2.provider.com', port: 8080 }, { protocol: 'http', host: 'proxy3.provider.com', port: 8080 }, ], strategy: 'round-robin', healthCheckEnabled: true, }, rotateOnError: true, rotateOnInterval: true, rotationInterval: 600000, // Rotate every 10 minutes }, },};Geo-targeted Browsing
Section titled “Geo-targeted Browsing”// Use specific regional proxiesconst geoContext = { sessionId: 'geo-session', name: 'us-browser', options: { proxy: { enabled: true, config: { protocol: 'http', host: 'us-proxy.provider.com', port: 8080, auth: { username: process.env.PROXY_USER, password: process.env.PROXY_PASS, }, name: 'US-East-1', tags: ['us', 'east'], }, }, },};High-Security Configuration
Section titled “High-Security Configuration”// Maximum security settingsconst secureContext = { sessionId: 'secure-session', name: 'secure-browser', options: { proxy: { enabled: true, config: { protocol: 'socks5', host: 'secure-proxy.company.com', port: 1080, auth: { username: process.env.SECURE_PROXY_USER, password: process.env.SECURE_PROXY_PASS, }, bypass: [ 'localhost', '127.0.0.1', '::1', '*.internal.company.com', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', ], rejectUnauthorized: true, connectionTimeout: 10000, maxRetries: 1, }, }, },};Troubleshooting
Section titled “Troubleshooting”Common Issues
Section titled “Common Issues”Debug Logging
Section titled “Debug Logging”Enable debug logging for proxy operations:
import { createLogger } from 'puppeteer-mcp/utils';
const logger = createLogger('proxy-debug');logger.level = 'debug';Health Check Failures
Section titled “Health Check Failures”If health checks are failing:
- Verify the health check URL is accessible
- Check proxy allows connections to the health check domain
- Increase health check timeout
- Use a different health check URL
healthCheckUrl: 'https://httpbin.org/ip', // Alternative health checkhealthCheckInterval: 600000, // Check less frequentlyBest Practices
Section titled “Best Practices”Related Documentation
Section titled “Related Documentation”- Architecture Overview for system design context
- Security Testing for proxy security validation
- Operations Guide for monitoring proxy health
- Browser Pool Optimization for performance optimization
- Session Persistence for session management
Use Cases
Section titled “Use Cases”Enterprise Network Access
Section titled “Enterprise Network Access”Proxy configuration is essential for enterprise environments where:
- Direct internet access is restricted
- Corporate firewalls require proxy routing
- Network policies mandate traffic inspection
- Geographic restrictions apply
Web Scraping and Data Collection
Section titled “Web Scraping and Data Collection”Proxy rotation provides:
- IP address rotation to avoid rate limiting
- Geographic diversity for location-specific content
- Load distribution across multiple proxy providers
- Fault tolerance with automatic failover
Security and Privacy
Section titled “Security and Privacy”Proxy usage enhances security by:
- Hiding original IP addresses
- Encrypting traffic through secure proxies
- Bypassing geographic restrictions
- Adding an additional layer of network security
Conclusion
Section titled “Conclusion”The proxy configuration system provides enterprise-grade capabilities for routing browser traffic through various proxy types with comprehensive monitoring, health checks, and automatic rotation. This enables reliable browser automation in enterprise environments while maintaining security and performance standards.