The 407 error code is a common frustration for proxy users. It is similar to the 401 error code that pops up when HTTP basic authentication fails, but in this case it is the client’s proxy server that fails to authenticate.
Usually, what happens is this: The server running the website that you wish to connect to believes that your web browser sent the correct HTTP data stream, but can’t access the actual resource because the proxy server making the request needs authentication that hasn’t been provided.
Users relying on proxy servers that require authentication will need to log in with their user ID and password before being able to use their proxy successfully. In most cases, your proxy server provider will have given you this information, so simply logging into your proxy service will solve the problem.
However, there are many cases when 407 Proxy Authentication Required services persist. This can be unusual for users who assume they are logged in and that their systems should be able to resolve their HTTP requests without issue.
But as is so often the case, the relationship between the client system, a web application, a web server, and third-party proxies is a complex one. There are plenty of ways for communication between these systems to break down and produce a 407 error. But many of these are entirely preventable, and some are easy to fix.
How to Fix 407 Proxy Authentication Required Error Messages
Whenever you get an error message in the 400s, it means you’re looking at some kind of client-side error. The client – you, your web browser and the proxy it uses to access the Internet – is making a bad request that the web server cannot fulfill.
Confusingly, misconfigured servers can produce 407 Proxy Authentication Required errors, too. A quick way to determine whether or not this is the case is trying to access multiple different websites, or even trying to access the same URL from a different path, such as by clicking on a different link that leads to it.
If you only get a 407 error for a particular web server accessed in a particular way, then you probably will have to contact the system administrator to troubleshoot the server. If that’s you and it’s your server, there are some things you can do – and we’ll cover them below. But first, let’s diagnose the client-side aspect of the error code.
Diagnosing the 407 Proxy Authentication Required Error
When making requests, proxy servers need to send a special header to web servers. This is called the Proxy-Authenticate header. In its most simple form, the header features the following syntax:
Proxy-Authenticate: <type> realm=<realm>
<Type> refers to one of several authentication schemes. The simplest (and the one the majority of users are likely to have to deal with) is called Basic. It consists of only a Username and Password.
<Realm> describes the actual scope of protected information that authentication is supposed to give the client.
Once the client receives this header, the proxy server’s user agent should respond with the corresponding request header. This header has the same form, except since the realm element is already established, it asks for the user credentials:
Proxy-Authenticate: <type> <credentials>
In this case, <credentials> will contain the values the authentication scheme requires. For Basic that means the correct Username and Password values in the following format: Username:Password. If you do this manually, you’ll find that the Password value is immediately encoded into base 64.
Assuming the information is correct, inputting your login credentials should solve the issue. In its simplest form, this would be how you fix the 407 Proxy Authentication Required error in a headless browser.
How to Resolve Client-Side 407 Errors
If inputting your proxy login credentials doesn’t solve the 407 error, there are some quick client-side fixes that you can implement to resolve the issue.
Of all the causes of 407 Proxy Authentication Required errors, inputting an incorrect URL is the most common. Highly secure web servers don’t allow unexpected requests to resources user agents don’t have access to.
If you accidentally attempt to access the wrong web resources using a proxy, the web server may produce a 407 Proxy Authentication Required error. This is why attempting to request the web resource from a different path can often resolve the issue.
Popular content management systems (CMS) like WordPress, Drupal, and Joomla! are typically capable of handling proxy server requests right out of the box. But users who make modifications to these systems’ underlying PHP code can end up accidentally breaking their proxy compatibility.
If you recently upgraded your content management platform, or added new extensions or modules, you may have to downgrade it to the most recent version that worked with your proxy service. Generally, it’s easier to uninstall extensions and plugins before downgrading an entire CMS, so this is a good place to start.
If this doesn’t solve the problem, there is a possibility that uninstalling CMS plugins did not revert the changes they made in the underlying CMS database. This is particularly true of WordPress extensions, which tend to enjoy full database permissions – allowing them to modify records that don’t specifically have to do with the extension in question.
For the most part, you have to verify your login credentials, verify the URL you are attempting to reach, and then start working backwards through your CMS until you reach a stable working version that accepts your proxy service. You may even have to contact the individual extension developer for support.
Server-Side Troubleshooting for 407 Errors
If you do not use a CMS platform, or are otherwise convinced that it isn’t causing the problem at hand, you may be able to manually change your server configuration to prevent the 407 Proxy Authentication Required error.
First, determine what web server software your application runs on. The overwhelming majority of web servers run on either Apache or nginx – so this is a good place to start.
To find out which server software your web application uses, you’ll need to find a key file. For Apache, this is the .htaccess file, located in the website filesystem’s root directory.
You can then open the .htaccess file in a text editor and look for lines featuring directives with the form ProxyXXX. These will be part of the proxy module mod_proxy.
There are almost unlimited ways these directives can be formatted, and covering every possibility it outside the scope of this article. But if you familiarize yourself with the most basic examples, you may be able to identify strange or out-of-place proxy directives in your file.
You can test specific directives by commenting them out (just add # to the line in question to disable it) and seeing if that makes a different.
If you are using nginx, you will need to search for a different server configuration file. The default name for this file is nginx.conf, and it is located in one of the server filesystem’s common directories – usually in the usr/local directory or nested somewhere in it.
Once you find it, you will need to look for directives that start with “proxy_”. Examples include Proxy_Set_Header, Proxy_read_timeout, and proxy_pass.
Look for unusual directives and try commenting out individual lines with # to see if your specific set of directives is causing your server to mishandle proxy server requests and generate 407 Proxy Authentication Required errors.
Again, users familiar with nginx will have a significant advantage here. Consider learning how the basics of nginx work or outsourcing the task to an experienced systems administrator.
If none of these approaches work, or you are using a different web server software, you may wish to verify your server-side logs to find information on what specifically produced the 407 Proxy Authentication Required error.
These logs will offer information on what pages were requested, what servers were connected to, and what database results were offered as a result. Each of these items of information could potentially hold the secret key to fixing 407 Proxy Authentication Required errors that don’t seem to originate in client-side software.
Are Your Proxies the Problem?
High quality proxies are developed with compatibility in mind. Whereas cheap, low-quality proxies may serve simple purposes suitably well, users attempting more complex functions may soon hit a brick wall of 407 errors and related problems.
When that happens, changing your proxy service provider is one of the easiest ways to resolve the issue without painstakingly verifying CMS plugins or diving into Apache or nginx configuration files. You may find that more carefully coded proxies, delivered alongside world-class customer support, may be just the answer you need to get rid of troublesome 407 Proxy Authentication Required errors for good.