This add-on is operated by IPBurger, LLC
Static Dedicated IP Address for Secure Outbound Requests via HTTP(S) and SOCKS5
IPBurger Static IPs
Last updated June 26, 2024
Table of Contents
- Provisioning the add-on
- The difference between SOCKS5 and HTTP/HTTPS proxy
- End-to-end encryption of HTTPS requests
- Using with languages that don’t support SOCKS5 proxies
- Local setup
- Use with Ruby
- Use with Python
- Use with Node.js
- Use with Java
- Use with Go
- Use with PHP
- Use with cURL
- Use with SSH and SCP
- Removing the add-on
- FAQ
- Support
- Privacy
IPBurger is an add-on that provides Heroku applications the ability to proxy their app network output through a SOCKS5 or HTTP/HTTPS proxy under a fixed, static IP. IPBurger is language and framework agnostic.
Without IPBurger, your Heroku application makes requests from an unpredictable and impermanent set of IP addresses. Because Heroku IPs are dynamic, it can be difficult to securely integrate Heroku applications with services that allowlist a fixed IP, including certain APIs and services that operate behind a corporate firewall.
IPBurger acts as a proxy for outbound traffic, tunneling your requests through a known IP address. Each IPBurger subscriber is assigned a particular IP address. This address can be used anywhere you need a fixed IP: API providers, firewall configurations, etc.
IPBurger provides customers with three standard proxy URLs, one for SOCKS5, one for HTTP and the other to HTTPS, all of which can be used to make requests from any server-side language, including Ruby, Python, Node, Java, and Go. IPBurger can also be used by cURL and other command-line tools.
Provisioning the add-on
IPBurger can be attached to a Heroku application via the CLI. You can provide the --location option which will grant you an IP from that particular location. You can specify the “Country Code” of any of these locations:
| Flag | Country Code | Fullname |
|---|---|---|
| 🇦🇺 | au | Australia |
| 🇨🇦 | ca | Canadá |
| 🇩🇪 | de | Germany |
| 🇫🇷 | fr | France |
| 🇬🇧 | uk | United Kingdom |
| 🇺🇸 | us | United States |
$ heroku addons:create ipburger --app your-app-name --location=ca
-----> Creating ipburger on ⬢ your-app-name... free
IPBurger provision successful.
Your Static Dedicated IP Address: 192.99.41.203
Created ipburger-rectangular-80571 as IPB_HTTP, IPB_HTTPS, IPB_SOCKS5
Use heroku addons:docs ipburger to view documentation
Config vars
After you provision IPBurger, the IPB_SOCKS5, IPB_HTTPS, IPB_HTTP and IPB_MYIP config vars are available in your app’s configuration. They contain the full URL you should use to proxy your requests and which is the static IP assigned to you.
You can confirm the vars using the heroku config:get command:
term
$ heroku config:get --app your-app-name IPB_SOCKS5
username:password@54-39-189-181.ip.ipb.cloud:8040
Plans
While provisioning you can choose between three different plans:
Free
heroku addons:create --app your-app-name ipburger:free
Free, the default plan. If while provisioning you don’t specify a plan, the free plan will be picked. Useful for testing and trying the addon out before paying it. It works similar to the other plans, with the exception that it has a expiration date of two days and a strict requests and bandwidth limit. After two days your free plan will expire and you won’t be able to use the IP anymore.
When your trial period expires your provisioned addon config vars will change from their values to null, meaning you don’t have access to that particular IP anymore.
Warning
Free plans have some provision limitations, which are:
- If a user has any active plan (free, professional or enterprise), he won’t be able to provision more free plans.
- There can be only one active free plan per app.
- A one month cooldown period will be activated after a Heroku customer or team provides a free plan.
- It means that after provisioning a free plan you’ll be able to do it again only after one month.
- If you require immediate usage of the IPB addon, we recommend you provision a paid plan for that.
- If something went wrong with your first free plan trial and you require a new free plan for another two days trial, please enter in contact with our support staff and let them know of your needs. Email: support@ipburger.com
Professional
heroku addons:create --app your-app-name ipburger:professional
Professional, fit for use in production with unlimited term, no expiration date, unlimited requests and 1TB of maximum bandwidth.
Enterprise
heroku addons:create --app your-app-name ipburger:enterprise
Enterprise, same as professional with the added benefit of having unlimited bandwidth as well. Use it as much as you need!
Upgrading plans
If you’re using a ‘free’ plan and want to upgrade it to a ‘professional’ or ‘enterprise’ plan you can run this command on the CLI:
heroku addons:upgrade --app your-app-name ipburger-addon-name:professional
You can also upgrade plans through the dashboard. More instructions available here.
Please keep in mind that once the IPB addon has been upgraded to a paid plan it can’t be changed back to being free.
After installing IPBurger, your application should be configured to fully integrate with the add-on. See more below.
The difference between SOCKS5 and HTTP/HTTPS proxy
IPBurger provides a IP address via a SOCKS V5 or HTTP and HTTPS proxy. As such, SOCKS5 is capable of proxying any TCP connection. You can make HTTP and HTTPS requests via SOCKS5, but using a HTTP/HTTPS proxy is generally a better fit for that use case. SOCKS5 is perfect for making requests to databases, FTP servers, and other lower-level connections because it allows you to tunnel arbitrary TCP connections.
End-to-end encryption of HTTPS requests
When your application makes a request to an HTTPS resource via IPBurger, your application sends a CONNECT request to IPBurger. This request instructs IPBurger to open a TCP connection to the remote host. Once this connection has been established, IPBurger transparently tunnels this connection. Neither IPBurger nor any other party has the ability to decrypt this traffic. The proxy negotiation (the initial CONNECT request to IPBurger) happens in the clear, but the connection with the remote host remains encrypted end-to-end.
Using with languages that don’t support SOCKS5 proxies
Some languages do not provide native support for SOCKS5 proxies. Where this is the case, there are other options for using SOCKS5 under IPBurger.
There are several utilities that transparently proxy requests over SOCKS5. Popular options include Dante Socksify client, tsocks, and proxychains. Some of these utilities require some caveats: Dante only works on linux, so is not a good option if you develop locally on Mac or Windows. tsocks is not threadsafe, so is not a good choice for some applications.
Alternately, socat can be used to establish port-forwarding through IPBurger. Socat will establish a tunnel through IPBurger and bind to a local port through which your service can make requests.
Local setup
Environment setup
If you wish to use IPBurger to proxy requests while developing locally, it is necessary to locally replicate the IPB_* environment variables.
Use the Heroku Local command-line tool to configure, run and manage process types specified in your app’s Procfile. Heroku Local reads configuration variables from a .env file. To view all of your app’s config vars, type heroku config. Use the following command for each value that you want to add to your .env file:
$ heroku config:get --app your-app-name IPB_SOCKS5 -s >> .env
$ heroku config:get --app your-app-name IPB_HTTPS -s >> .env
$ heroku config:get --app your-app-name IPB_HTTP -s >> .env
Credentials and other sensitive configuration values should not be committed to source-control. In Git exclude the .env file with: echo .env >> .gitignore.
For more information, see the Heroku Local article.
Use with Ruby
HTTP Proxy
You can use IPBurger with any Ruby http client. Included are examples of using it with Net::HTTP from the standard library and with popular rest-client or faraday gems.
Using rest-client:
require 'rest-client'
RestClient.proxy = ENV["IPB_HTTP"]
response = RestClient.get("http://google.com")
Using faraday:
require 'faraday'
conn = Faraday.new(:url => "http://google.com", :proxy => ENV["IPB_HTTP"])
response = conn.get
Using httparty:
proxy = URI.parse ENV['IPB_HTTP']
HTTParty.get(
"http://google.com",
http_proxyaddr: proxy.host,
http_proxyport: proxy.port,
http_proxyuser: proxy.user,
http_proxypass: proxy.password
)
Using Net::HTTP from the standard library:
require 'net/http'
_, username, password, host, port = ENV["IPB_HTTP"].gsub(/(:|\/|@)/,' ').squeeze(' ').split
uri = URI("http://google.com")
request = Net::HTTP.new(uri.host, uri.port, host, port, username, password)
response = request.get(uri)
HTTPS Proxy
Using Typhoeus
require 'typhoeus'
_, username, password, host, port = ENV["IPB_HTTPS"].gsub(/(:|\/|@)/,' ').squeeze(' ').split
# Set target server information
target_uri = 'https://ipinfo.io/json'
# Make a request using the proxy
response = Typhoeus.get(
target_uri,
proxy: "https://#{host}:#{port}",
proxyuserpwd: "#{username}:#{password}"
)
puts response.body
Use with Python
HTTP/HTTPS proxy
IPBurger is compatible with various HTTP client libraries, including the standard library’s urllib and the popular third-party requests package. This document provides guidance on routing HTTP/HTTPS requests through IPBurger using these libraries.
Using requests with IPBurger.
import os, requests
proxyDict = {
"http" : os.environ.get('IPB_HTTP', ''),
"https" : os.environ.get('IPB_HTTPS', '')
}
r = requests.get('http://www.example.com', proxies=proxyDict)
print(r.text)
HTTP proxy
Using urllib to send a specific request through IPBurger:
import os
import urllib.request
proxy = urllib.request.ProxyHandler({
'http': os.environ.get('IPB_HTTP', '')
})
auth = urllib.request.HTTPBasicAuthHandler()
opener = urllib.request.build_opener(proxy, auth, urllib.request.HTTPHandler)
response = opener.open('http://www.example.com')
html = response.read()
print(html)
To route all outbound traffic through IPBurger, set the http_proxy and https_proxy environment variables, requests module respect these variables, allowing for global routing through IPBurger:
import os, requests
os.environ['http_proxy'] = os.environ.get('IPB_HTTP', '')
os.environ['https_proxy'] = os.environ.get('IPB_HTTPS', '')
requests.get("http://www.example.com")
Troubleshooting:
If you encounter issues with HTTPS proxies not working with the requests or urllib modules, consider upgrading the respective modules using the following commands:
For requests: pip install --upgrade requests.
For urllib3: pip install --upgrade urllib3
This ensures you have the latest versions with improved functionality and security fixes.
SOCKS5 Proxy
You can also use the popular requests library to use the SOCKS5 proxy provided by IPBurger:
import requests
import os
proxies = {'http': "socks5h://" + os.environ['IPB_SOCKS5'],
'https': "socks5h://" + os.environ['IPB_SOCKS5'] }
response = requests.get('http://ifconfig.co', proxies=proxies)
print response.content
Use with Node.js
HTTP Proxy
IPBurger works with the higher-level http clients, including the popular request NPM module.
If you use the request module, you can use IPBurger for specific requests:
const request = require('request')
const proxyRequest = request.defaults({'proxy': process.env.IPB_HTTP});
proxyRequest('http://www.example.com', (err, res, body) => {
console.log(`Got response: ${res.statusCode}`);
});
HTTPS Proxy
Using node-libcurl npm module, the free and easy-to-use client-side URL transfer library, supporting protocols like HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, LDAP and more.
const { Curl } = require('node-libcurl');
// Create a new Curl instance
const curl = new Curl();
// Set the URL you want to request
curl.setOpt('URL', 'https://ipinfo.io/json');
// Set the proxy URL
const proxyUrl = process.env.IPB_HTTPS;
curl.setOpt('PROXY', proxyUrl);
// Set the proxy type (HTTP or SOCKS5, depending on your proxy)
curl.setOpt('PROXYTYPE', Curl.PROXY_HTTPS); // or Curl.PROXY_SOCKS5
// Set up event handlers
curl.on('end', (statusCode, data, headers) => {
console.log(`Status Code: ${statusCode}`);
console.log('Data:', data);
console.log('Headers:', headers);
curl.close();
});
curl.on('error', (error, errorCode) => {
console.error(`Error ${errorCode}: ${error.message}`);
curl.close();
});
// Perform the request with error handling
try {
curl.perform();
} catch (error) {
console.error('An error occurred while performing the request:', error);
curl.close();
}
SOCKS5 Proxy
With Node.js, the general pattern is to establish a SOCKS5 connection using a client library like socksjs and then provide this stream to the database driver, request library, or other library of your choosing.
Connecting to MySQL
MySql2 connects via a SOCKS5 connection provided as the stream property. This example uses connection pooling.
Connecting to Postgres or Amazon Redshift
As with mysql, you can pass a custom stream to the node-postgres library. This will work both for connections to Postgres databases as well as to Amazon Redshift, here’s a example.
Use with Java
HTTP/HTTPS proxy
You can use IPBurger with any HTTP library. Popular options include Apache HttpClient and OkHttp.
Using HttpClient
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import org.apache.http.HttpHost;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
import org.apache.http.client.config.RequestConfig;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.BasicCredentialsProvider;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.ProxyAuthenticationStrategy;
import org.apache.http.util.EntityUtils;
public class ProxyExample {
private static final String IPB_HTTPS = System.getenv("IPB_HTTPS"); // replace with IPB_HTTP for IPBurger HTTP proxy
public static void main(String[] args) throws KeyManagementException, NoSuchAlgorithmException, IOException, InterruptedException {
String proxyUrl = IPB_HTTPS;
final String URL = "ipinfo.io";
String[] proxyValues = proxyUrl.split("[/(:\\/@)/]+");
String schema = proxyValues[0];
String proxyUser = proxyValues[1];
String proxyPassword = proxyValues[2];
String proxyHost = proxyValues[3];
int proxyPort = Integer.parseInt(proxyValues[4]);
BasicCredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(new AuthScope(proxyHost, proxyPort),
new UsernamePasswordCredentials(proxyUser, proxyPassword));
HttpHost proxy = new HttpHost(proxyHost, proxyPort, schema);
CloseableHttpClient httpclient = HttpClientBuilder.create()
.setProxyAuthenticationStrategy(new ProxyAuthenticationStrategy()).setDefaultCredentialsProvider(credsProvider).setProxy(proxy)
.build();
RequestConfig config = RequestConfig.custom().build();
HttpHost target = new HttpHost(URL, 443, schema); // replace port 443 to 80 for IPBurger HTTP proxy
HttpGet httpget = new HttpGet("/");
httpget.setHeader("Connection", "close");
httpget.setConfig(config);
try (CloseableHttpResponse response = httpclient.execute(target, httpget)) {
System.out.println(EntityUtils.toString(response.getEntity()));
}
catch(Exception ex) {
System.out.println("Error " + ex.getMessage());
}
httpclient.close();
}
}
Using OkHTTP
package proxy.client;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.SSLSocketFactory;
import okhttp3.Authenticator;
import okhttp3.ConnectionPool;
import okhttp3.Credentials;
import okhttp3.OkHttpClient;
import okhttp3.OkHttpClient.Builder;
import okhttp3.Request;
import okhttp3.Response;
import okhttp3.Route;
public class ProxyOkHttpClient {
private static final String IPB_HTTP = System.getenv("IPB_HTTP");
private static final String IPB_HTTPS = System.getenv("IPB_HTTPS");
private final String schema;
private final String username;
private final String password;
private final String proxyHost;
private final int proxyPort;
private OkHttpClient client;
public ProxyOkHttpClient(String schema, String username, String password, String proxyHost, int proxyPort) {
this.schema = schema;
this.username = username;
this.password = password;
this.proxyHost = proxyHost;
this.proxyPort = proxyPort;
}
private void initClient() throws NoSuchAlgorithmException, KeyManagementException {
InetSocketAddress proxyAddr = new InetSocketAddress(proxyHost, proxyPort);
Proxy proxy = new Proxy(Proxy.Type.HTTP, proxyAddr);
Authenticator proxyAuthenticator = new Authenticator() {
@Override
public Request authenticate(Route route, Response response)
throws IOException {
String credential = Credentials.basic(username, password);
return response
.request()
.newBuilder()
.header("Proxy-Authorization", credential)
.build();
}
};
Builder builder = new OkHttpClient.Builder()
.connectTimeout(90, TimeUnit.SECONDS)
.readTimeout(90, TimeUnit.SECONDS)
.writeTimeout(90, TimeUnit.SECONDS)
.proxy(proxy)
.proxyAuthenticator(proxyAuthenticator);
if(schema.equals("https")) {
builder.socketFactory(SSLSocketFactory.getDefault());
}
client = builder.build();
}
public String sendRequest(String address) {
if (client == null) {
try {
initClient();
} catch (KeyManagementException | NoSuchAlgorithmException e) {
return e.getMessage();
}
}
Request request = new Request.Builder().url(address).build();
try (Response response = client.newCall(request).execute()) {
return response.body().string();
} catch (IOException e) {
e.printStackTrace();
return "Error";
}
}
public static void main(String[] args) throws KeyManagementException, NoSuchAlgorithmException, IOException, InterruptedException {
String proxyUrl = null;
//final String URL = "https://phet-dev.colorado.edu:443/html/build-an-atom/0.0.0-3/simple-text-only-test-page.html";
final String URL = "http://ipinfo.io";
if(URL.startsWith("https"))
proxyUrl = IPB_HTTPS;
else
proxyUrl = IPB_HTTP;
int numberRequest = Integer.parseInt("5");
String[] proxyValues = proxyUrl.split("[/(:\\/@)/]+");
String schema = proxyValues[0];
String proxyUser = proxyValues[1];
String proxyPassword = proxyValues[2];
String proxyHost = proxyValues[3];
int proxyPort = Integer.parseInt(proxyValues[4]);
ProxyOkHttpClient httpClient = new ProxyOkHttpClient(schema, proxyUser, proxyPassword, proxyHost, proxyPort);
for(int i = 0; i < numberRequest; i++) {
String response = httpClient.sendRequest(URL);
System.out.println("Response : " + response);
}
}
}
SOCKS5 Proxy
Java supports a system property socksProxyHost, which can be used to route every outbound request through IPBurger. Additionally, Java 7 introduced ProxySelector, which can be used to conditionally proxy requests depending on the hostname.
Here’s how to proxy all outbound requests through IPBurger SOCKS5 Proxy:
URL proxy = new URL(System.getenv("IPB_SOCKS5"));
String[] proxyUserInfo = proxy.getUserInfo().split(':');
String proxyUser = proxyUserInfo[0];
String proxyPassword = proxyUserInfo[1];
System.setProperty("socksProxyHost", proxy.getHost());
Authenticator.setDefault(new ProxyAuthenticator(proxyUser, proxyPassword));
//...
private class ProxyAuthenticator extends Authenticator {
private final PasswordAuthentication passwordAuthentication;
private ProxyAuthenticator(String user, String password) {
passwordAuthentication = new PasswordAuthentication(user, password.toCharArray());
}
@Override
protected PasswordAuthentication getPasswordAuthentication() {
return passwordAuthentication;
}
}
Use with Go
HTTP/HTTPS proxy
To use IPBurger for specific http requests, you can create a custom http.Client:
package main
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"os"
"time"
)
func main() {
proxyURL, err := url.Parse(os.Getenv("IPB_HTTPS")) // IPB_HTTP
if err != nil {
fmt.Println("Error parsing proxy URL:", err)
return
}
transport := &http.Transport{
Proxy: http.ProxyURL(proxyURL),
MaxIdleConns: 100,
IdleConnTimeout: 30 * time.Second,
DisableKeepAlives: true,
DisableCompression: true,
TLSClientConfig: &tls.Config{InsecureSkipVerify: false},
}
client := &http.Client{
Timeout: 100 * time.Second,
Transport: transport,
}
requestURL := "https://ipinfo.io"
resp, err := client.Get(requestURL)
if err != nil {
fmt.Println("Error making GET request:", err)
return
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
fmt.Println("Error reading response body:", err)
return
}
fmt.Printf("read: %s", string(body))
}
If you intend to use IPBurger for all outbound requests, an alternative is to use the HTTP_PROXY and HTTPS_PROXY environment variables. Go honors these environment variables by default. You can set HTTP_PROXY and HTTPS_PROXY in your application, typically in main.go:
package main
import (
"net/http"
"os"
"io/ioutil"
)
func main () {
os.Setenv("HTTP_PROXY", os.Getenv("IPB_HTTP"))
os.Setenv("HTTPS_PROXY", os.Getenv("IPB_HTTPS"))
resp, err := http.Get("http://google.com")
if (err != nil) {
println(err.Error())
return
}
defer resp.Body.Close()
body, err := ioutil.ReadAll(resp.Body)
println(string(body))
}
SOCKS5 Proxy
Golang’s net/proxy package provides a SOCKS5 proxy dialer that can be used with IPBurger. This dialer can be used for any TCP connection. This example uses it to make an HTTP request.
Use with PHP
HTTP/HTTPS Proxy
You can use PHP cURL to get your PHP application working correctly with IPBurger. Here’s how:
<?php
function proxyRequest() {
$proxy = getenv("IPB_HTTPS");
$ch = curl_init("https://ipinfo.io");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_PROXY, $proxy);
$response = curl_exec($ch);
curl_close($ch);
return $response;
}
$response = proxyRequest();
print($response);
?>
Use with cURL
cURL accepts a --socks5-hostname argument:
curl --socks5-hostname $IPB_SOCKS5 http://example.com
Use with SSH and SCP
SSH and SCP accept a ProxyCommand option. Using this option, you can pass in an ncat command that establishes a connection via the IPBurger SOCKS5 proxy. This requires ncat v7 or newer.
Ncat does not accept proxy authentication via the standard proxy url schema, so instead you must provide it as a separate argument:
ssh -o ProxyCommand='ncat --proxy-type socks5 --proxy YOUR-IPB-SOCKS5-DOMAIN-AND-PORT --proxy-auth USERNAME:PASSWORD %h %p' serveruser@server.ip.address
Removing the add-on
You can remove IPBurger via the CLI:
$ heroku --app your-app-name addons:destroy ipburger
-----> Removing ipburger from sharp-mountain-4005... done, v20 (free)
FAQ
Do you offer Dedicated Static IPs?
Yes! All our IPs are guaranteed to be dedicated, after provision the IP is yours for your usage only and you can be sure it will stay that way.
What happens when I reach my usage limit?
That’s the best about IPBurger, there are no usage limits! We enjoy giving our customers the freedom to use their IP as much as they want to.
I’ve forgotten which is my Static IP!
Your IP is available to you in the config var IPB_MYIP. Check the config vars of the app you provisioned IPBurger and it’ll be there.
What region does IPBurger run in?
IPBurger is provided by IPBurger LLC, a VPN company with several years of experience and many customers being served good, high quality IPs across the world. We have IPs on several locations.
Can I access MySQL or Postgres through this?
Yes we have many users doing this. If you are using Node.js you can also configure the SOCKS5 proxy in your Javascript code to access MySQL or Postgres.
I can’t access the dashboard!
Right now our dashboard is under development. Soon you’ll have it fully ready, a place for you to check the bandwidth usage and other important information about the usage of the addon.
Support
All IPBurger support and runtime issues should be submitted via one of the Heroku Support channels.
Privacy
IPBurger is committed to protecting your privacy. We want you to understand what information we collect, what we don’t collect, and how we collect, use, and store information. We do not collect logs of your activity, including no logging of browsing history, traffic destination, data content, or DNS queries. We also never store connection logs, meaning no logs of your IP address, your outgoing VPN IP address, connection timestamp, or session duration.
Our guiding principle toward data collection is to collect only the minimal data required to operate a world-class VPN service at scale. We designed our systems to not have sensitive data about our customers; even when compelled, we cannot provide data that we do not possess.
Our full privacy policy document is available here.