[Blog](https://scrapfly.io/blog) / [curl](https://scrapfly.io/blog/tag/curl) / [How to Use cURL With a Proxy in 2026](https://scrapfly.io/blog/posts/curl-with-proxy) # How to Use cURL With a Proxy in 2026 by [Ziad Shamndy](https://scrapfly.io/blog/author/ziad) Jun 30, 2026 21 min read [\#curl](https://scrapfly.io/blog/tag/curl) [\#http](https://scrapfly.io/blog/tag/http) [\#proxies](https://scrapfly.io/blog/tag/proxies) [ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fscrapfly.io%2Fblog%2Fposts%2Fcurl-with-proxy "Share on LinkedIn") cURL supports proxies through five routes, a command-line flag, environment variables, a config file, inline credentials, and dedicated SOCKS options. Most tutorials show only the first, which leaves engineers chasing 407 errors, leaking DNS through `socks5://`, or pasting credentials into the wrong flag. This guide is the developer reference for all five. It walks through `-x` and `--proxy` for one-off requests, `http_proxy`, `https_proxy`, `ALL_PROXY`, and `NO_PROXY` for session-wide setup, `.curlrc` for permanent config, the `-U` versus `-u` auth trap, the `socks5://` versus `socks5h://` DNS leak, the `--noproxy` override, and troubleshooting for SSL errors, 407 rejections, and silent bypasses. ## Key Takeaways The `-x` or `--proxy` flag is the fastest way to use a proxy with a single cURL command, while environment variables and `.curlrc` cover session-wide and permanent setups. Authentication and DNS behavior are where most engineers slip, so the `-U` and `socks5h://` rules below deserve a closer read. - `-x` and `--proxy` accept HTTP, HTTPS, and SOCKS schemes, so the same flag covers every common proxy type. - `http_proxy`, `https_proxy`, and `ALL_PROXY` let cURL pick up a proxy from the environment with no command change, and `NO_PROXY` carves out exceptions. - `.curlrc` (`_curlrc` on Windows) makes a proxy permanent across every cURL command on the system. - Use uppercase `-U` for proxy credentials and lowercase `-u` for target-server credentials, because mixing the two flags sends the password to the wrong endpoint. - Use `socks5h://` instead of `socks5://` to resolve hostnames on the proxy server and prevent DNS leaks to the local resolver. **Get web scraping tips in your inbox**Trusted by 100K+ developers and 30K+ enterprises. Unsubscribe anytime. ## How Do You Set a Proxy in cURL With the Command Line? Use the `-x` (or its long form `--proxy`) flag followed by the proxy URL to route any cURL request through a proxy server. The flag overrides any environment variable or `.curlrc` setting, so `-x` is also the right choice for one-off testing on a machine that already has a default proxy configured. The general syntax follows a single pattern, with the protocol scheme deciding what kind of proxy cURL talks to: shell```shell curl -x ://: ``` The three most common shapes look like this against [web-scraping.dev/products](https://web-scraping.dev/products), a dedicated scraping sandbox that serves a stable product listing page, which makes it a safe target for testing a proxy without hitting a live production site. shell```shell # HTTP proxy (the default if no scheme is given) curl -x http://proxy.example.com:8080 https://web-scraping.dev/products # HTTPS proxy (cURL talks TLS to the proxy itself) curl -x https://proxy.example.com:443 https://web-scraping.dev/products # Long-form alias, identical to -x curl --proxy http://proxy.example.com:8080 https://web-scraping.dev/products ``` The commands above each route a single GET request through the chosen proxy and print the product listing page from `web-scraping.dev/products`. The destination server sees the proxy's outbound IP rather than the local machine's IP, which is exactly the behavior a proxy is meant to provide. To confirm which IP the target actually received, add `-v` and read the proxy `CONNECT` exchange in the verbose trace. A few defaults are worth memorizing. cURL assumes `http://` if no scheme is given, port `1080` for HTTP and SOCKS proxies, and port `443` for HTTPS proxies. Older cURL releases (before 7.21.7) did not parse a scheme on the proxy URL at all, so on legacy systems the proxy URL must be host and port only. HTTPS proxies sometimes present self-signed or corporate certificates that cURL cannot validate. The quick development workaround is `-k` (or `--insecure`), which disables TLS verification for the connection to the proxy: shell```shell curl -k -x https://proxy.example.com:443 https://web-scraping.dev/products ``` The flag above tells cURL to skip the proxy certificate check, which is fine for a quick test but should never ship to production. The proper fix is to install the proxy CA certificate and pass `--proxy-cacert /path/to/proxy-ca.crt`, which is covered later in the troubleshooting section. For the broader cURL toolbox (headers, cookies, POST bodies, redirects), the cURL web scraping guide covers everything that lives outside the proxy flag. [How to Use cURL For Web ScrapingIn this article, we'll go over a step-by-step guide on sending and configuring HTTP requests with cURL. We'll also explore advanced usages of cURL for web scraping, such as scraping dynamic pages and avoiding getting blocked.](https://scrapfly.io/blog/posts/how-to-use-curl-for-web-scraping) ## How Do You Authenticate With a Proxy in cURL? Pass proxy credentials either inline in the proxy URL (`http://user:pass@host:port`) or with the dedicated `-U` (uppercase) flag. Both forms are equivalent, but only the second avoids stuffing the password into the URL string that shows up in shell history and process listings. The two most common patterns sit side by side below: shell```shell # Inline credentials in the proxy URL curl -x http://proxyuser:proxypass@proxy.example.com:8080 https://web-scraping.dev/products # Same proxy, credentials passed separately with -U curl -x http://proxy.example.com:8080 -U proxyuser:proxypass https://web-scraping.dev/products ``` Both commands authenticate the same way against the same proxy, then forward the request to `web-scraping.dev/products`. The `-U` form keeps the credentials out of the proxy URL, which matters when the command is logged, screen-shared, or pasted into a ticket. cURL also masks the password from `ps` output on Linux, but only after the process has started parsing flags, so a brief window of exposure exists. cURL supports several proxy authentication schemes beyond Basic. Each scheme has a dedicated flag for forcing a specific method: - `--proxy-basic` sends credentials base64-encoded over the wire, which is the default and the simplest method. - `--proxy-digest` uses a challenge-response handshake so the password never travels in plain form. - `--proxy-ntlm` and `--proxy-negotiate` cover Windows-domain authentication via NTLM and Kerberos respectively. - `--proxy-anyauth` lets cURL pick whichever method the proxy advertises, at the cost of an extra round-trip. On Windows, the special `-U :` form (a colon with no user or password) tells cURL to authenticate with the current Windows session credentials via SSPI, which is useful for corporate proxies that integrate with Active Directory. ### What Is the Difference Between -U and -u in cURL? `-U` (uppercase) authenticates with the proxy, while `-u` (lowercase) authenticates with the target server, and confusing the two silently sends the wrong password to the wrong endpoint. The mistake is one of the most reported cURL bugs that turns out to be a flag mismatch rather than a software issue. The two flags look almost identical at a glance, but the destination of the credentials is completely different: shell```shell # -U (uppercase): proxy credentials curl -x http://proxy.example.com:8080 -U proxyuser:proxypass https://web-scraping.dev/products # -u (lowercase): target-server credentials curl -x http://proxy.example.com:8080 -u apiuser:apipass https://web-scraping.dev/products # Both at once: proxy with -U, target API with -u curl -x http://proxy.example.com:8080 -U proxyuser:proxypass -u apiuser:apipass https://web-scraping.dev/products ``` The third command above is the realistic shape of an authenticated request through an authenticated proxy. cURL sends `proxyuser:proxypass` to the proxy, then sends `apiuser:apipass` to the target server once the tunnel is established. Swap in a URL that actually challenges for credentials (an internal API or a Basic-auth-protected route) to see the difference between the two flags in the response status, since `web-scraping.dev/products` is open and returns the same page regardless. For the wider topic of authenticating against the target server itself (Basic, Bearer tokens, custom headers), the dedicated answer page covers every option cURL supports. [How to Set cURL Authentication - Full Examples GuideLearn how to set basic authentication, bearer tokens, and cookie authentication with cURL through a step-by-step guide.](https://scrapfly.io/blog/answers/how-to-set-authorization-with-curl-full-examples-guide) ## How Do You Configure a SOCKS Proxy in cURL? Replace the `http://` scheme with `socks4://`, `socks5://`, or `socks5h://` in the `-x` flag, or use the dedicated `--socks5`, `--socks4`, and `--socks5-hostname` flags. Both forms are equivalent, and the choice between SOCKS variants comes down to one detail, who resolves DNS. The four practical SOCKS commands look like this: shell```shell # SOCKS4 (TCP only, no IPv6, no authentication) curl -x socks4://proxy.example.com:1080 https://web-scraping.dev/products # SOCKS5 with local DNS resolution curl -x socks5://proxy.example.com:1080 https://web-scraping.dev/products # SOCKS5 with remote DNS resolution (recommended) curl -x socks5h://proxy.example.com:1080 https://web-scraping.dev/products # Equivalent dedicated flag form curl --socks5-hostname proxy.example.com:1080 https://web-scraping.dev/products ``` The commands above each tunnel one request to `web-scraping.dev/products` through the SOCKS proxy. The destination sees the proxy's outbound IP, which is the same behavior as for HTTP proxies, so the test target stays the same regardless of which proxy protocol is in play. ### What Is the Difference Between socks5 and socks5h in cURL? The trailing `h` in `socks5h://` stands for "hostname" and tells cURL to send the domain name to the proxy unresolved, then let the proxy run the DNS lookup. Without the `h`, cURL resolves the hostname locally before sending the destination IP to the proxy, which means the local DNS resolver sees every domain the scraper visits. The table below summarizes who handles DNS resolution and which IP version each variant supports: | SOCKS variant | Who resolves DNS | IPv6 support | cURL flag | |---|---|---|---| | socks4 | cURL (local) | No | `--socks4` | | socks4a | Proxy (remote) | No | `--socks4a` | | socks5 | cURL (local) | Yes | `--socks5` | | socks5h | Proxy (remote) | Yes | `--socks5-hostname` | The DNS-leak issue matters most in two scenarios. On a corporate or ISP network where the local resolver is logged, `socks5://` exposes the entire browsing path to whoever owns those logs. On a privacy-sensitive scraping job, the same leak can map a scraper to a specific upstream resolver even when every other signal is anonymized. For a deeper treatment of SOCKS5 versus HTTP at the protocol level, including encryption and IPv6 behavior, the comparison guide covers the rest of the picture. [SOCKS5 vs HTTP Proxy: Key Differences and When to Use EachA deep dive into the key differences between HTTPS and SOCKS proxies, helping you choose the right protocol for your web scraping needs.](https://scrapfly.io/blog/posts/https-vs-socks-proxies) ## How Do You Set a Proxy Using Environment Variables? Set the `http_proxy` or `https_proxy` environment variable, and cURL will use the variable automatically without any `-x` flag on the command. Environment variables are the right pick when an entire shell session, script, or CI job should route through the same proxy without rewriting every command. The full set of variables cURL respects is small, and each variable has a specific scope: shell```shell # Per-protocol proxy (one per scheme) export http_proxy="http://proxyuser:proxypass@proxy.example.com:8080" export https_proxy="http://proxyuser:proxypass@proxy.example.com:8080" # Single proxy for every protocol cURL might use export ALL_PROXY="http://proxy.example.com:8080" # Bypass list, comma-separated hosts and patterns export NO_PROXY="localhost,127.0.0.1,.internal.example.com" # cURL now picks up the proxy automatically curl https://web-scraping.dev/products # Stop using the proxy unset http_proxy https_proxy ALL_PROXY NO_PROXY ``` The block above sets a proxy for HTTP and HTTPS traffic, defines a fallback `ALL_PROXY` for any other scheme, and excludes `localhost`, the loopback address, and every subdomain of `internal.example.com` from the proxy. The `unset` command at the end fully restores the environment so subsequent cURL calls go direct. `NO_PROXY` understands a few patterns that often surprise engineers. A leading dot (`.example.com`) matches every subdomain of the parent. A bare hostname (`example.com`) matches only the exact host. Since cURL 7.86.0, CIDR notation is also supported (`192.168.0.0/16`), and the literal value `*` bypasses every host. On Windows, the same variables work in `cmd` with `set` instead of `export`, and PowerShell uses `$env:http_proxy = "..."`. ### Why Is http\_proxy Lowercase Only? `http_proxy` is the only proxy environment variable that must be lowercase, because uppercase `HTTP_PROXY` is reserved for CGI use and accepting it from the environment would expose web servers to the [httpoxy](https://httpoxy.org/) vulnerability. Web servers traditionally translate incoming HTTP headers into `HTTP_*` environment variables for CGI scripts, so a request with a `Proxy:` header would silently inject `HTTP_PROXY=attacker.example` into the script's environment. Every other proxy variable accepts both cases (`HTTPS_PROXY`, `https_proxy`, `ALL_PROXY`, `NO_PROXY`), but `http_proxy` is hardcoded to lowercase only as a defense against header injection. The rule applies to cURL, libcurl, Python's `requests`, Go's `net/http`, and most other HTTP clients that follow the same convention. A bridge from environment variables to a more permanent setup is a natural next step. Environment variables die when the shell exits, so a per-machine setting belongs in a config file. ## How Do You Set a Permanent Proxy in cURL With .curlrc? Add a `proxy` line to `~/.curlrc` (or `%APPDATA%\_curlrc` on Windows), and every cURL invocation on the system will route through the proxy automatically. The `.curlrc` file is read by cURL on every run, so any option that works on the command line also works as a default in this file. The setup is two lines on Linux and macOS, and the same pattern with a different file location on Windows: shell```shell # Linux and macOS echo 'proxy = "http://proxyuser:proxypass@proxy.example.com:8080"' >> ~/.curlrc chmod 600 ~/.curlrc # Windows (cmd) echo proxy = "http://proxyuser:proxypass@proxy.example.com:8080" >> %APPDATA%\_curlrc # Verify the proxy is being picked up curl https://web-scraping.dev/products ``` The first command appends a single `proxy = "..."` line to the user's `.curlrc`, and the `chmod 600` step locks the file down so other users on the machine cannot read the embedded credentials. The verification call to `web-scraping.dev/products` should now route through the proxy without any `-x` flag on the command, which `curl -v` confirms in the `CONNECT` line of the trace. A few rules govern the file's behavior. The `-x` flag on the command line always overrides the `.curlrc` proxy, so `.curlrc` defines the default and individual commands can opt out. The file accepts almost any cURL option, one per line, with quoted values when the value contains spaces or special characters. Comments start with `#`. Multiple options live on separate lines, which keeps the file diff-friendly under version control. For the rest of what `.curlrc` can configure (timeouts, user-agent strings, retry policies), the cURL web scraping guide covers the broader option set in the same file. Scrapfly #### Scale your web scraping effortlessly Scrapfly handles proxies, browsers, and anti-bot bypass — so you can focus on data. [Try Free →](https://scrapfly.io/register)## How Do You Bypass or Disable a Proxy in cURL? Use `--noproxy "*"` to bypass every proxy setting for a single request, regardless of whether the proxy was set via `-x`, environment variable, or `.curlrc`. The flag is a one-shot escape hatch that does not require touching the rest of the configuration. The most common bypass and override patterns sit in a single block: shell```shell # Bypass every proxy for one request only curl --noproxy "*" https://web-scraping.dev/products # Bypass the proxy for specific hosts (overrides NO_PROXY) curl --noproxy "localhost,127.0.0.1,.internal.example.com" https://web-scraping.dev/products # Override the env-var proxy with a different one for a single call curl -x http://other-proxy.example.com:9090 https://web-scraping.dev/products # Quick toggle aliases for ~/.bashrc or ~/.zshrc alias proxyon='export http_proxy="http://proxyuser:proxypass@proxy.example.com:8080"; export https_proxy="$http_proxy"' alias proxyoff='unset http_proxy https_proxy ALL_PROXY NO_PROXY' ``` The four commands above cover the four practical bypass cases. The first skips the proxy entirely for one call, the second skips the proxy only for a list of hosts, the third points cURL at a different proxy without changing the environment, and the last pair defines shell aliases for toggling proxy use across an entire session. A working proxy configuration is only half the job, because most cURL proxy issues only show up at runtime as cryptic errors. The next section covers the three error classes that account for almost every reported failure. ## How Do You Troubleshoot cURL Proxy Errors? Most cURL proxy failures fall into three buckets, SSL certificate errors (exit code 60), authentication rejections (HTTP 407), and DNS or connection failures, and each bucket has a small set of fixes that resolve the vast majority of cases. A short verbose-mode run against `web-scraping.dev/products` looks like this: shell```shell curl -v -x http://proxy.example.com:8080 https://web-scraping.dev/products ``` The verbose output above shows the TCP connection to the proxy, the `CONNECT` tunnel for HTTPS targets, the proxy authentication exchange if any, and the final response from the target. Reading the trace from top to bottom usually reveals which step failed, which is far more efficient than guessing at flags. ### How Do You Fix SSL Certificate Errors With a cURL Proxy? cURL exit code 60 (`SSL certificate problem: unable to get local issuer certificate`) means the TLS handshake against the proxy failed because cURL could not validate the proxy's certificate. The error is most common with HTTPS proxies that present a self-signed or corporate CA certificate that the system trust store does not include. Two fixes apply, one for development and one for production. shell```shell # Development, skip TLS verification on the proxy connection curl -k -x https://proxy.example.com:443 https://web-scraping.dev/products # Production, trust the proxy's CA certificate explicitly curl --proxy-cacert /path/to/proxy-ca.crt -x https://proxy.example.com:443 https://web-scraping.dev/products ``` The first command disables certificate validation for the proxy connection only, which is fine while debugging but exposes the connection to man-in-the-middle attacks in real use. The second command tells cURL to trust a specific CA without disabling validation, which is the right answer when a corporate IT team runs the proxy under its own CA. ### How Do You Fix HTTP 407 Proxy Authentication Errors? `HTTP 407 Proxy Authentication Required` means the proxy rejected the credentials, refused the chosen authentication method, or expected a method that cURL did not advertise. Three checks resolve almost every case. - Verify the credentials are exact. Shell quoting and special characters often corrupt the password before it reaches the proxy, so paste the user and password into an isolated test command first. - Confirm the expected auth method with the proxy operator (Basic, Digest, NTLM, or Negotiate). - Force the method explicitly with `--proxy-basic`, `--proxy-digest`, `--proxy-ntlm`, `--proxy-negotiate`, or `--proxy-anyauth`. A common pitfall on corporate networks is mismatched character sets, where a non-ASCII character in the password is encoded differently by cURL and the proxy. ### How Do You Fix "Could Not Resolve Proxy" Errors? `Could not resolve proxy` means the proxy hostname did not resolve via the system DNS. Three quick checks isolate the cause. - Try the proxy's IP address directly to confirm the proxy itself is reachable. - Run `nslookup` or `dig` against the proxy hostname to see whether the local resolver knows about it. - On a VPN or split-tunnel setup, check whether the proxy hostname only resolves through the corporate DNS, which the VPN may route for some traffic but not for cURL's libcurl resolver. ### How Do You Test if cURL Is Using Your Proxy? The fastest reliable test is to run the same request with `-v` twice, once without the proxy and once with it, and confirm the verbose trace shows cURL connecting to the proxy. Because `web-scraping.dev/products` does not echo the caller's IP, the verbose trace (not the response body) is the machine-verifiable signal that the proxy is actually in the request path. shell```shell # Direct call: cURL connects straight to the target curl -v https://web-scraping.dev/products # Same call through the proxy: the trace connects to the proxy first curl -v -x http://proxy.example.com:8080 https://web-scraping.dev/products ``` The two runs above differ in their verbose output: the proxied call shows `Connected to proxy.example.com` and, for an HTTPS target, an `Establish HTTP proxy tunnel` / `CONNECT` step before the target response. If the proxied run connects directly to the target instead, cURL is silently bypassing the proxy. The most common silent-bypass cause is a `NO_PROXY` rule that matches the target hostname (often via a leading dot), followed by a `.curlrc` `proxy = ""` line that nulls out the inherited setting. For deeper visibility, `curl -v` reveals every intermediate step (DNS resolution, TCP connect, TLS handshake, proxy CONNECT, response headers), and `curl --trace-ascii trace.log` writes a full byte-level trace to a file for offline review. For broader anti-detection context (when even a working proxy is not enough), the IP-blocking guide covers the patterns that trigger a target to start refusing requests. [How to Avoid Web Scraper IP Blocking?How IP addresses are used in web scraping blocking. Understanding IP metadata and fingerprinting techniques to avoid web scraper blocks.](https://scrapfly.io/blog/posts/how-to-avoid-web-scraping-blocking-ip-addresses) ## Scaling cURL Proxies With ScrapFly For teams that need rotating proxies, anti-bot bypass, and geographic targeting without running their own proxy infrastructure, [Scrapfly](https://scrapfly.io/web-scraping-api) exposes the same capabilities behind a single API endpoint that cURL can call directly. The integration follows the same `-x` flag pattern documented above, so existing scraping scripts pick up rotation and unblocking with a one-line change. ScrapFly's [Web Scraping API](https://scrapfly.io/web-scraping-api) is a single HTTP endpoint for collecting web data at scale, with a **99.99% success rate** across **130M+ proxies in 190+ countries**. - [Anti-Scraping Protection bypass](https://scrapfly.io/docs/scrape-api/anti-scraping-protection) - automatically defeats Cloudflare, DataDome, PerimeterX, Akamai, and 90+ other bot systems. - [Smart proxy rotation](https://scrapfly.io/docs/scrape-api/proxy) - residential and datacenter pools with country and ASN level geo-targeting. - [JavaScript rendering](https://scrapfly.io/docs/scrape-api/javascript-rendering) - render SPAs and dynamic pages through real cloud browsers. - [Browser automation scenarios](https://scrapfly.io/docs/scrape-api/javascript-scenario) - scroll, click, fill forms, and wait for elements without managing a browser fleet. - [Format conversion](https://scrapfly.io/docs/scrape-api/getting-started#api_param_format) - return pages as HTML, JSON, clean text, or LLM ready Markdown. - [Session management](https://scrapfly.io/docs/scrape-api/session) - keep cookies, headers, and IPs consistent across multi step flows. - [Smart caching](https://scrapfly.io/docs/scrape-api/getting-started#api_param_cache) - cache successful responses to cut cost on repeat scraping jobs. - [Python](https://scrapfly.io/docs/sdk/python), [TypeScript](https://scrapfly.io/docs/sdk/typescript), [Scrapy](https://scrapfly.io/docs/sdk/scrapy), and [no-code integrations](https://scrapfly.io/docs/integration/getting-started) including Make, n8n, Zapier, LangChain, and LlamaIndex. The minimum cURL invocation against the Scrapfly API looks like this: shell```shell curl --proxy "http://scrp-YOUR_API_KEY:render_js=true,country=us@proxy.scrapfly.io:8123" \ -k https://web-scraping.dev/products ``` The command above sends a single GET request through Scrapfly's proxy endpoint, with JavaScript rendering and US geolocation enabled via the proxy username. The `-k` flag is included because the proxy returns a Scrapfly-signed certificate by default, and `web-scraping.dev/products` is fetched through the rotating outbound IP that Scrapfly assigned to the call. The full reference (every supported parameter, sticky sessions, ASN targeting) lives in the [Scrapfly documentation](https://scrapfly.io/docs). Self-managed proxy pools remain a perfectly valid choice for teams with existing infrastructure or strict residency requirements, and the configuration techniques covered earlier in this guide apply unchanged in either direction. ## FAQ What Is the Default Proxy Port for cURL?When no port is specified on the proxy URL, cURL defaults to port `1080` for HTTP and SOCKS proxies, and port `443` for HTTPS proxies. Most proxy providers expose ports `8080`, `8000`, or `3128` for HTTP and `1080` for SOCKS, so always specify the port explicitly to avoid silent connection failures. Does cURL Use the System Proxy by Default?cURL automatically reads `http_proxy`, `https_proxy`, `ALL_PROXY`, and `NO_PROXY` from the environment on every run, so any proxy set in the shell session applies without an `-x` flag. To force a single command to skip the environment, pass `--noproxy "*"`. How Do You Use a Proxy With cURL on Windows?The `-x` flag works identically on Windows. For a permanent setting, create `_curlrc` (underscore, not dot) in `%APPDATA%`. For environment variables, use `set http_proxy=...` in `cmd`, `$env:http_proxy = "..."` in PowerShell, or System Properties for a global value. Can You Use Multiple Proxies With a Single cURL Command?cURL supports only one proxy per request. Rotation needs a wrapper script that cycles through a list, a local rotating proxy that fans out to several upstreams, or a managed proxy service. A Bash array of proxy URLs picked with `RANDOM` works for small lists but skips health checks and per-target affinity. ## Conclusion cURL exposes five practical ways to use a proxy, and they are not interchangeable. Each one maps to a different scope, from a single request to every cURL invocation on the machine. Use `-x` for one-off requests, environment variables for a session or CI job, `.curlrc` for permanent setups, `-U` for proxy auth, and `--noproxy` to bypass for one call. Two traps are worth remembering. Uppercase `-U` targets the proxy and lowercase `-u` targets the server, so swapping them sends the password to the wrong endpoint. For production scraping where rotation, anti-bot bypass, and certificate management should not be managed in-house, [Web Scraping API](https://scrapfly.io) handles all three behind one API call, with HTTP and SOCKS5 backends both available. Table of Contents Table of Contents- [Key Takeaways](#key-takeaways) - [How Do You Set a Proxy in cURL With the Command Line?](#how-do-you-set-a-proxy-in-curl-with-the-command-line) - [How Do You Authenticate With a Proxy in cURL?](#how-do-you-authenticate-with-a-proxy-in-curl) - [What Is the Difference Between -U and -u in cURL?](#what-is-the-difference-between-u-and-u-in-curl) - [How Do You Configure a SOCKS Proxy in cURL?](#how-do-you-configure-a-socks-proxy-in-curl) - [What Is the Difference Between socks5 and socks5h in cURL?](#what-is-the-difference-between-socks5-and-socks5h-in-curl) - [How Do You Set a Proxy Using Environment Variables?](#how-do-you-set-a-proxy-using-environment-variables) - [Why Is http\_proxy Lowercase Only?](#why-is-http-proxy-lowercase-only) - [How Do You Set a Permanent Proxy in cURL With .curlrc?](#how-do-you-set-a-permanent-proxy-in-curl-with-curlrc) - [How Do You Bypass or Disable a Proxy in cURL?](#how-do-you-bypass-or-disable-a-proxy-in-curl) - [How Do You Troubleshoot cURL Proxy Errors?](#how-do-you-troubleshoot-curl-proxy-errors) - [How Do You Fix SSL Certificate Errors With a cURL Proxy?](#how-do-you-fix-ssl-certificate-errors-with-a-curl-proxy) - [How Do You Fix HTTP 407 Proxy Authentication Errors?](#how-do-you-fix-http-407-proxy-authentication-errors) - [How Do You Fix "Could Not Resolve Proxy" Errors?](#how-do-you-fix-could-not-resolve-proxy-errors) - [How Do You Test if cURL Is Using Your Proxy?](#how-do-you-test-if-curl-is-using-your-proxy) - [Scaling cURL Proxies With ScrapFly](#scaling-curl-proxies-with-scrapfly) - [FAQ](#faq) - [Conclusion](#conclusion) Join the Newsletter Get monthly web scraping insights Scale Your Web Scraping Anti-bot bypass, browser rendering, and rotating proxies, all in one API. Start with 1,000 free credits. No credit card required 1,000 free API credits Anti-bot bypass included [Start Free](https://scrapfly.io/register) [View Docs](https://scrapfly.io/docs/onboarding) Not ready? Get our newsletter instead. ## Explore this Article with AI [ ChatGPT ](https://chat.openai.com/?q=Summarize%20this%20page%3A%20https%3A%2F%2Fscrapfly.io%2Fblog%2Fposts%2Fcurl-with-proxy) [ Gemini ](https://www.google.com/search?udm=50&aep=11&q=Summarize%20this%20page%3A%20https%3A%2F%2Fscrapfly.io%2Fblog%2Fposts%2Fcurl-with-proxy) [ Grok ](https://x.com/i/grok?text=Summarize%20this%20page%3A%20https%3A%2F%2Fscrapfly.io%2Fblog%2Fposts%2Fcurl-with-proxy) [ Perplexity ](https://www.perplexity.ai/search/new?q=Summarize%20this%20page%3A%20https%3A%2F%2Fscrapfly.io%2Fblog%2Fposts%2Fcurl-with-proxy) [ Claude ](https://claude.ai/new?q=Summarize%20this%20page%3A%20https%3A%2F%2Fscrapfly.io%2Fblog%2Fposts%2Fcurl-with-proxy) ## Related Articles [ curl ### How to Use cURL GET Requests Here's everything you need to know about cURL GET requests and some common pitfalls you should avoid. ](https://scrapfly.io/blog/posts/how-to-use-curl-get-requests) [ proxies ### SOCKS5 vs HTTP Proxy: Key Differences and When to Use Each A deep dive into the key differences between HTTPS and SOCKS proxies, helping you choose the right protocol for your web... ](https://scrapfly.io/blog/posts/https-vs-socks-proxies) [ curl ### Guide to using JSON with cURL Learn how to send JSON with `cURL` using files, inline data, environment variables, and `jq`. Includes real-world exampl... ](https://scrapfly.io/blog/posts/how-to-curl-json) ## Related Questions - [ Q How to Set cURL Authentication - Full Examples Guide ](https://scrapfly.io/blog/answers/how-to-set-authorization-with-curl-full-examples-guide) - [ Q How to Copy as cURL With Brave? ](https://scrapfly.io/blog/answers/how-to-copy-as-curl-with-brave) - [ Q How to Copy as cURL With Safari? ](https://scrapfly.io/blog/answers/how-to-copy-as-curl-with-safari) - [ Q How to Copy as cURL With Edge? ](https://scrapfly.io/blog/answers/how-to-copy-as-curl-with-edge) Premium rotating proxies for scraping, **1,000 free credits** [Start Free](https://scrapfly.io/register)