How to Configure Wget to Use a Proxy with Authentication?

Configuring the wget command-line utility to route its traffic through a proxy server requiring authentication is a straightforward process. This can be achieved either temporarily for a single command by defining environment variables or using command-line switches, or permanently by modifying the global or user-specific configuration files. This article provides a step-by-step guide on how to implement these methods securely, ensuring your credentials remain protected while downloading files.

Method 1: Using Environment Variables (Temporary)

The quickest way to configure wget to use a authenticated proxy is by setting environment variables in your terminal before running the command. This method applies to the current terminal session only.

You need to set variables for both HTTP and HTTPS traffic, depending on the URL you are downloading. Run the following commands in your terminal, replacing username, password, proxy_ip, and port with your actual proxy details:

export http_proxy="http://username:password@proxy_ip:port"
export https_proxy="http://username:password@proxy_ip:port"

If your password contains special characters (like @, :, or /), you must URL-encode them. For example, if your password is P@ss, it should be written as P%40ss. Once set, any wget command you run in that session will automatically route through the proxy.

Method 2: Using Command-Line Switches (Single Use)

If you only need to use the proxy for a single, specific download and do not want to alter your environment variables, you can pass the proxy configuration directly into the wget command using switches.

wget -e use_proxy=yes -e http_proxy="http://username:password@proxy_ip:port" http://example.com/file.zip

For secure connections (HTTPS), the command adjusts slightly:

wget -e use_proxy=yes -e https_proxy="http://username:password@proxy_ip:port" https://example.com/file.zip

The -e flag executes the proxy command as if it were read from a configuration file, making it a highly reliable method for one-off tasks.

Method 3: Modifying the .wgetrc File (Permanent)

For a permanent solution that persists across system reboots and terminal sessions, you can add your proxy settings directly to the configuration file. You can configure this for a single user by editing ~/.wgetrc, or system-wide for all users by editing /etc/wgetrc.

1. Open the file in a text editor (e.g., nano ~/.wgetrc).
2. Add the following lines to the file:

use_proxy = on
http_proxy = http://username:password@proxy_ip:port/
https_proxy = http://username:password@proxy_ip:port/

3. Save and close the file.

Because your password will be stored in plain text within this file, it is critical to secure the file permissions so other users on the system cannot read it. You can restrict access by running:

chmod 600 ~/.wgetrc

This ensures that only your user account has permission to read and write to the file.