Using Proxy Selection and Proxy Bypass Lists

Using a proxy server can allow the administrator to limit access to the Internet. The proxy server can be specified in the IEAK wizard, the IEAK Profile Manager (formerly the .ins editor), and through the browser. Restricting the ability of the user to change the proxy settings is also available via the Restrictions page in the IEAK wizard and INS editor.

Note: The proxy bypass feature may eliminate the need for the use JavaScript to select a proxy.

To configure the proxy selection and proxy bypass settings, follow the these steps:

  1. Open the Options dialog box. The Options dialog box can be accessed either from the Internet icon in Control Panel or from the Options menu item of the View menu in Internet Explorer.

  2. Click on the Connection tab to display the connection options. The following figure shows the Connection tab in the Options dialog box.
  3. The Connection tab has two sections: Dialing and Proxy server. Click on the Settings button in Proxy sever to open the proxy setting view.

    The Proxy Settings view has a Connect through a proxy server check box, Servers section, and Exceptions section.

  4. The Connect through a proxy server check box on both the Connection tab and Proxy Settings view determines if the browser will use proxies to handle requests. Check this box so that all requests, except for those specified in the Exceptions section, will be sent through a proxy. If the box is not checked, all other fields in the dialog box will be greyed out and a proxy will never be used.

  5. The Servers section has edit boxes to set the proxy location and port number for each of the Internet protocols that are supported and a Use the same proxy server for all protocols check box. The Secure setting in the Servers section is for HTTPS requests. Enter the proxy location and port number for the appropriate protocols.

    Note: In most cases, only a single proxy is used for all protocols. In those cases, enter the proxy location and port number for the HTTP setting and check the Use the same proxy server for all protocols check box. Checking the box makes all the other entries unavailable and copies the information in the HTTP setting into the Secure, FTP, and Gopher settings. Checking the box also hides the information in the Socks setting.

    The proxy locations that do not begin with a protocol (like "http://" or "ftp://"), are assumed to be a CERN type HTTP proxy. For example, the entry "proxy" would be treated the same as the entry "http://proxy." For FTP gateways, like the TIS FTP gateway and the WinGate Win95 Modem FTP proxy, the proxy should be listed with the protocol "ftp://" in front of the proxy name. For example, an FTP gateway "ftpproxy" should be entered as "ftp://ftpproxy."

  6. Some network requests need to bypass the proxy. The most common reason to bypass the proxy is for local (intranet) addresses. Generally, these addresses do not contain periods in them. By checking the box marked Do not use proxy server for local (Intranet) addresses, all addresses without a period will bypass the proxy and be resolved directly.

    To bypass more complex addresses, enter the addresses in the edit box labeled, Do not use proxy server for addresses beginning with:.

    A proxy bypass entry may begin with a protocol type. These may be http://, https://, ftp://, or gopher://. If a protocol type is used, the exception entry only applies to requests for that protocol. Note that the protocol value is case insensitive. Multiple entries should be separated by a semicolon (;).

    Next, an Internet address, an IP address, or domain name must be entered. If no protocol is specified, any request using the address will be bypassed. If a protocol is specified, requests with the address will only be bypassed if they are of the indicated protocol type. As with the protocol type, address entries are case insensitive.

    Finally, a port number may be added. If it is used, the request is only processed if all previous requirements are met and the request uses the specified port number.

    The exception dialog box allows a wildcard "*" to be used in the place of zero or more characters. The following list contains examples showing how to use wildcards:

    • Enter a wildcard at the beginning of an Internet address, IP address, or domain name to bypass servers with a common ending. For example, use "*.example.com" to bypass any entries ending in ".example.com" (like "some.example.com" and "www.example.com").
    • Enter a wildcard in the middle of an Internet address, IP address, or domain name to bypass servers with a common beginning and ending. For example, the entry "www.*.com" matches any entry that starts with "www" and ends with "com" (like "www.someplace.com," "www.almost.anywhere.com," and so on.).
    • Enter a wildcard at the ending of an Internet address, IP address, or domain name to bypass servers with a common beginning. For example, use "www.someplace.*" to bypass any entries that began with "www.someplace." (like "www.someplace.com", "www.someplace.org", and "www.someplace.else.com").
    • Use multiple wildcards to bypass addresses with similar patterns. For example, use "123.1*.66.*" to bypass addresses like "123.144.66.12", "123.133.66.15", and "123.187.66.13."

    Although wildcards are powerful, they must be used carefully. For example the entry, "www.*.com," will cause Internet Explorer to bypass the proxy for most web sites.