EZproxy
Find support materials about EZproxy.
EZproxy 7.2.12 Released
You can now download and update to EZproxy 7.2.12. If you have not already upgraded to EZproxy V6.x, you will need to obtain an OCLC Web Service Key (WSKey).
This release was built with OpenSSL 1.1.1o to provide access to the most up-to-date security configuration options. You can find more information about these updates and others in the EZproxy release notes.
- Install and update EZproxy
- Find the tools and resources required for installing EZproxy and downloading updates.
- EZproxy configuration
- This guide provides you with resources to understand and configure EZproxy using directives in your EZproxy files.
- Add a database stanza
- Configure EZproxy to run as a Windows service
- Configure high availability
- Configure OpenSSL directives
- Create search widgets to proxied resources
- EZproxy system elements
- Integrate EZproxy with other OCLC services
- Integrate ILLiad with your local authentication system via EZproxy
- Introduction to database stanza directives
- Migrate to Proxy by Hostname
- Proxy by hostname Windows DNS configuration
- Set limits for your institution
- Starting point URLs and config.txt
- Understanding URLs and database stanzas
- Config.txt directives
- This page provides an alphabetical listing of directives that can be used in the config.txt file to configure EZproxy and databases.
- Config.txt directive conventions
- AddUserHeader
- AllowIP
- AllowVars
- AnonymousURL
- Audit
- AuditPurge
- AutoLoginIP
- AutoLoginIPBanner
- BinaryTimeout
- Books24x7Site
- ByteServe
- CASServiceURL
- Charset
- ClientTimeout
- ConnectWindow
- Cookie
- CookieFilter
- DbVar
- DenyIfRequestHeader
- Description
- DNS
- DomainJavaScript (DJ)
- Domain (D)
- EBLSecret
- ebrarySite
- EncryptVar
- ExcludeIP
- ExcludeIPBanner
- ExtraLoginCookie
- Find & Replace
- FirstPort
- ForceHTTPSLogin
- FormSelect
- FormSubmit
- FormVariable
- Gartner
- Groups
- HAName
- HAPeer
- HostJavaScript (HJ)
- Host (H)
- HTTPHeader
- HTTPMethod
- Identifier
- IncludeFile
- IncludeIP
- Interface
- IntruderIPAttempts
- IntruderLog
- IntruderUserAttempts
- IntrusionAPI
- LBPeer
- Location
- LogFile
- LogFilter
- LogFormat
- LoginCookieDomain
- LoginCookieName
- LoginMenu
- LoginPort
- LoginPortSSL
- LogSPU
- MaxConcurrentTransfers (MC)
- MaxLifetime (ML)
- MaxSessions (MS)
- MaxVirtualHosts (MV)
- MessagesFile
- MetaFind
- MimeFilter
- Name
- NeverProxy
- Option AcceptX-Forwarded-For
- Option AllowWebSubdirectories
- Option AnyDNSHostname
- Option BlockCountryChange
- Option Cookie, Option DomainCookieOnly, Option NoCookie, Option CookiePassThrough
- Option CSRFToken
- Option DisableSSL40bit
- Option DisableSSL56bit
- Option DisableSSLv2
- Option ExcludeIPMenu
- Option ForceHTTPSAdmin
- Option ForceWildcardCertificate
- Option HideEZproxy
- Option HttpsHyphens
- Option IgnoreWildcardCertificate
- Option IPv6
- Option I choose to use Domain lines that threaten the security of my network
- Option LoginReplaceGroups
- Option LogReferer
- Option LogSAML
- Option LogSession
- Option LogSPUEdit
- Option LogUser
- Option MenuByGroups
- Option MetaEZproxyRewriting
- Option NoCookie
- Option NoHideEZproxy
- Option NoHttpsHyphens
- Option NoMetaEZproxyRewriting
- Option NoProxyFTP
- Option NoUTF16
- Option NoX-Forwarded-For
- Option ProxyByHostname
- Option ProxyFTP
- Option RecordPeaks
- Option RedirectUnknown
- Option ReferInHostname
- Option RelaxedRADIUS
- Option RequireAuthenticate
- Option SafariCookiePatch
- Option StatusUser
- Option TicketIgnoreExcludeIP
- Option UnsafeRedirectUnknown
- Option UsernameCaretN
- Option UTF16
- Option X-Forwarded-For
- OverDriveSite
- P3P
- PDFRefresh
- PDFRefreshPre & PDFRefreshPost
- PidFile
- ProxyHostnameEdit
- Proxy & ProxySSL
- RADIUSRetry
- RedirectSafe
- Referer
- RejectIP
- RemoteIPHeader, RemoteIPInternalProxy & RemoteIPTrustedProxy
- RemoteTimeout
- RunAs
- ShibbolethDisable
- SkipPort
- SPUEdit
- SPUEditVar
- SQLiteTempDir
- SSLCipherSuite
- SSLHonorCipherOrder
- SSLOpenSSLConfCmd
- SSOUsername
- Title
- TokenKey
- TokenSignatureKey
- UMask
- URLAppendEncoded (replaced by URL -Append -Encoded)
- URLRedirectAppendEncoded (replaced by URL -Redirect -Append -Encoded)
- URLRedirectAppend (replaced by URL -Redirect -Append)
- URLRedirect (replaced by URL -Redirect)
- URL (version 1)
- URL (version 2)
- URL (version 3)
- UsageLimit
- Validate
- XDebug
- EZproxy Administration
- The EZproxy Administration page provides access to a variety of configuration, logging, monitoring, security, and test options. Access to these administrative options can be necessary to configure and maintain many of the settings described throughout this support site.
- EZproxy database stanzas
- Find all of the database stanzas maintained by OCLC, organized alphabetically, to provide access to specific e-resources in EZproxy.
- Database stanzas
- Database stanzas - #
- Database stanzas - A
- Database stanzas - B
- Database stanzas - C
- Database stanzas - D
- Database stanzas - E
- Database stanzas - F
- Database stanzas - G
- Database stanzas - H
- Database stanzas - I
- Database stanzas - J
- Database stanzas - K
- Database stanzas - L
- Database stanzas - M
- Database stanzas - N
- Database stanzas - O
- Database stanzas - P
- Database stanzas - Q
- Database stanzas - R
- Database stanzas - S
- Database stanzas - T
- Database stanzas - U
- Database stanzas - V
- Database stanzas - W
- Database stanzas - Z
- Authenticate users (user.txt)
- The EZproxy user.txt file is the place where you will customize your authentication settings to control who is able to access your proxied resources. The documentation listed below provides details about directives that can be used to customize your authentication settings, details about supported authentication methods, and additional authentication configurations.
- Manage EZproxy
- EZproxy provides many options to customize your software to meet the needs of your institutions. These customizations do not need to be configured for EZproxy to provide your remote users with proxied access to resources; however, these configurations can help you to secure your server, tracks EZproxy usage, and customize your users' experience.
- Secure your EZproxy server
- EZproxy directives and configurations offer administrators multiple options for securing your server, monitoring security concerns, and identifying and neutralizing compromised accounts.
- SSL configuration
- Secure your EZproxy server
- Export a Windows certificate
- EZproxy cookie blocked
- Identify compromised credentials
- Network address translation (NAT)
- Options for securing your EZproxy server
- Prepare a Windows certificate for EZproxy import
- Renew your SSL certificate
- Sample secure EZproxy server
- Security rules configuration
- SSL certificate options
- EZproxy for content providers
- Find information about EZproxy for content providers.
- Technical notes
- Technical notes for EZproxy users.
- Add a second IP address to an existing network adapter on Linux
- Add a second IP address to an existing network adapter on Windows
- Adobe Contribute and starting point URLs
- EZproxy for Windows error select returned 10055
- Importing a PEM-formatted certificate into EZproxy
- Microsoft ISA Server configuration details
- NetZero HiSpeed
- Rotating ezproxy.log on Linux
- Rotating ezproxy.log on Windows
- Use socket level logging to generate a Fiddler compliant log file
- Vendor IP address verification URLs
- Windows Firewall in WindowsXP Service Pack 2
- EZproxy release notes and known issues
- Find EZproxy release notes and known issues. Release notes are documents that contain information about new product features and enhancements as installed in scheduled releases.
- Troubleshooting
- Find frequently asked questions (FAQ) and troubleshooting steps (Troubleshooting) for EZproxy.
- Access-Control-Allow-Origin CORS error
- All my patrons are signing in with the username Shibboleth in EZproxy, what should I do to possibly fix this?
- Are parenthesis necessary in a custom stanza?
- Are the Hosted EZproxy Servers TLS 1.2 and 1.3 compliant?
- A vendor has requested that we Flush the DNS cache, how do I do this and are there any ramifications?
- A vendor is asking me for some test credentials for EZproxy, where do I get those?
- Can EZproxy be run on a Windows Server with the IIS role enabled
- Can I add non-routable or private network IP addresses to my ExcludeIP or AutologinIP directives on my hosted EZproxy server?
- Can I get notified when a Security rule is tripped?
- Can I use EZproxy with Cloudflare?
- Can not connect to resource off-campus
- Can we write up an EZproxy stanza for Amazon?
- Can you run EZproxy as a Docker container?
- Cookie banner keeps coming up in EZproxy session
- Does EZproxy require to have Adobe Acrobat?
- Does EZproxy require VPN
- Does EZproxy support Google reCAPTCHA?
- Does OCLC have any Marketing Materials for EZproxy that a Library may use?
- Does our Hosted EZproxy prefix start with HTTP or HTTPS
- Does subscribing to EZproxy require an annual renewal? Will I lose access to resources if my library does not renew?
- Do I need to update EZproxy if a resource updates their IP?
- Do we need to send anything to OCLC if we are a Hosted EZproxy site and our LDAP certificate is expiring and we are replacing the certificate?
- End of support for EZproxy 5.7.44
- Error message: License Key Expired too far in the future
- EZproxy 7.1 and the RunAs directive
- EZproxy Admin SSL page does not load
- EZproxy link results in a page full of symbols
- EZproxy SAML Error Assertion is signed; signature is invalid or node path "/samlp:Response/*[3]/*"
- EZproxy Self Service - How to make changes to EZproxy
- EZproxy Server Error - Please tell your server administrator to check messages.txt for a Max Virtual Hosts error
- EZproxy will run on any 64 bit Server.
- Featured EZproxy Troubleshooting articles
- Getting OpenFileMapping failed (2) No such file or directory or EZproxy failed to start
- Hosted EZproxy frequently asked questions
- How can I make EZproxy update when the certificates on my SSO are updated
- How can I tell if the stanza I expect is authorizing the EZproxy connection to a website
- How does EZproxy work with Multi-Factor Authentication (MFA)
- How do I access previous Hosted EZproxy logfiles and statistics?
- How do I add a new resource to my OCLC Hosted EZproxy configuration?
- How do I add a Resource-Stanza-Database to EZproxy?
- How do I block expired users in EZproxy when using SIP authentication?
- How do I bypass my SSO to submit EZproxy credentials
- How do I clear stuck Orphan hosts in EZproxy
- How do I "comment out" a stanza in EZproxy?
- How do I configure EZproxy to go to FirstSearch?
- How do I create a certificate signing request from EZproxy
- How do I find my EZproxy IP address?
- How do I find out if we have EZproxy as one of our services?
- How do I fix EZproxy error ebrary request for site XXXXXX to host site.ebrary.com failed: 1
- How do I generate metadata for SAML connection to EZproxy?
- How do I get a Hosted EZproxy HEVCAT report?
- How do I get EZproxy to use OCLC basic World Share authentication
- How do I get Lean Library Access browser extension access to our Hosted EZproxy?
- How do I get my local users authenticated access without EZproxy prompting for login?
- How do I get my OCLC hosted EZproxy log retention adjusted
- How do I get the default security rules modified on OCLC hosted EZproxy
- How do I make minor updates to EZproxy documentation pages
- How do I modify EZproxy configuration files in the Hosted environment?
- How do I remove resource from my Hosted EZproxy configuration?
- How do I resolve an "Unable to locate address for ... website" error when using EZproxy?
- How do I resolve a 400 bad request error with EZproxy
- How do I see EZproxy monthly usage data and statistics?
- How do I set up a link to go to a site directly under EBSCOhost?
- How do I set up open access resources with EZproxy
- How do I tell what IP address EZproxy is getting from a computer
- How do I turn off TLS 1.0 and TLS 1.1 protocols in EZproxy
- How do I update my admin email for EZprozy ?
- How do I update my Privacy Policy on my Hosted EZproxy login page?
- How do I upgrade a hosted EZproxy server
- How do I upgrade to the latest version?
- How long are the logs kept for Hosted EZproxy
- How to Block a User or Barcode in EZproxy when using SIP authentication
- How to change the logo on your Login Page for EZproxy
- How do I create a WorldShare Account to request a WSKey for EZproxy?
- How to find your EZproxy version
- How to make changes or update EZproxy self-service email notifications?
- How to use EZproxy TEST -RE to match attributes with CAS Authentication
- HSTS and EZproxy
- If I am authenticated with EZproxy and open up a new window in my browser, should I still be authenticated with EZproxy?
- If I restart EZproxy, will it disconnect the current sessions?
- If the EZproxy Reports are missing that have a .zip extension, who do I contact to get them retrieved?
- In EZproxy, what do I do with my link I am going to have a trial to a Database that will end and then a month later it will be a regular subscription?
- In EZproxy, when I go to the Statista site, I keep on getting a pop-up message requesting to allow cookies no matter what I do on the site.
- Is Apache web server used in EZproxy
- Is EZproxy affected by the Log4j or the CVE-2021-44228 vulnerability?
- Is EZproxy FedRAMP compliant?
- Is EZproxy protected against CVE-2022-22963 & CVE-2022-22965 Spring Cloud vulnerability?
- Is EZproxy vulnerable to Springshell?
- I am an EZproxy Self-Hosted site, and I cannot find my WsKey
- I am an EZproxy self-service site, and I am having troubles updating the production site
- I am an EZproxy vendor, and I need to verify that a Hosted EZproxy site has an IP address only used by that site
- I am a service provider and a site is sending me an IP address to add for their EZproxy that seems odd, how do I troubleshoot the IP address?
- I am getting a message "This web property is not accessible via this address" when using Worldcat.org with EZproxy
- I am having an issue opening PDF files with EZproxy when using Wiley Database
- I am not receiving email notifications from my EZproxy server
- I am self-hosted EZproxy site and I want to know if I need a new license for a test environment?
- I am trying to go to our EZproxy Database and I see a blank page
- I cannot connect to a resource through our Hosted EZproxy
- I get an error message for incorrect username or password when signing in to my Hosted EZproxy FTP files
- I have added an EZproxy stanza but off-campus access to the resource still does not work
- I made a change in our Config.txt and now the EZproxy server will not start
- I received an email about an EZproxy Survey and I need a copy sent to someone else
- My vendor is asking me to Login or Subscribe when I proxy their site with EZproxy
- New ASTM Compass stanza and access URLs
- OVID Licensing error
- Target URL is not accessible on EZproxy, even though using approved EZproxy stanza.
- Taylor & Francis, IPv6 and hosted EZproxy
- Troubleshooting single user access issues via EZproxy.
- Upgrading your EZproxy to latest version on the same server
- Upload Patron Parser for Hosted EZproxy
- UUconnect messages in EZproxy messages file
- We are a Hosted EZproxy site, and I need a copy of my Config.txt file
- What could be causing the response: server took to long to respond?
- What do I do if I have to add more than one Exclude IP directive in my EZproxy Config.txt file?
- What is our Hosted EZproxy Domain name?
- What is the best way to have a site or a Database added if we are hosted by OCLC EZproxy?
- What is the maximum URL length EZproxy can process?
- When a patron signs in with their barcode, it is showing up with a bunch of ascii characters as the username
- When using EZproxy how do I resolve an "This web property is in accessible via this address"
- Who do I contact with EZproxy Analytics support requests
- Who do I go to if I want to create a search box to a Vendor's site that replicates their search box?
- Why am I getting an SSL error with EZproxy when being redirected
- Why am I getting a 404 error for Hosted EZproxy log listing page
- Why am I getting a database provider sign in screen when using EZproxy and VPN
- Why am I getting a sign-in screen from the provider site when using EZproxy
- Why am I getting a sign in screen from EZproxy when on campus
- Why am I getting a browser warning of ERR CERT COMMON NAME INVALID after updating the SSL certificate on EZproxy
- Why am I getting browser warning from my EZproxy server?
- Why am I getting directed to the visiblebody marketing page when using EZproxy
- Why am I getting error File missing: docs\suspend.htm from EZproxy
- Why am I getting ERR EMPTY RESPONSE intermittently when using EZproxy
- Why am I getting failed to map response from EZproxy to UserObjectResponse when trying to login to Tipasa
- Why am I getting the EZproxy menu page instead of my page
- Why am I getting the EZproxy menu page when using an encoded URL as the target URL
- Why am I getting the EZproxy need host error screen when try to access E-Libro when I already have a stanza
- Why am I getting the "Inter-institutional access failure. Please contact your system administrator for assistance." error when using SAML authentication and EZproxy?
- Why am I having a problem loading PDF's in browser from a specific resource while using EZproxy
- Why am I having problems downloading PDFs from Wiley Online Library when using EZproxy
- Why am I having problems extracting my Hosted EZproxy log files that end in .gz?
- Why am I not seeing all of my log files for OCLC hosted EZproxy
- Why am I seeing -1 Can't contact LDAP server showing up in my EZproxy messages file
- Why am I seeing a different SSL certificate than what is active on my EZproxy server
- Why am I seeing encoded characters after I download and unzip my monthly usage reports for Hosted EZproxy using web log retrieval
- Why am I seeing "LDAP bind failed to xxx.xxx.xxx.xxx: -1 Can't contact LDAP server" in my EZproxy messages.txt file
- Why am I unable to delete my Hosted EZproxy log files?
- Why am I unable to get the full admin screen after upgrading EZproxy
- Why am I unable to proxy cloudfront domains with EZproxy
- Why and I am getting a socket error when trying to validate my EZproxy WSkey
- Why aren't all of the log files visible in the OCLC hosted EZproxy web log retrieval site
- Why are my users not authenticating after loading a new file to OCLC hosted EZproxy
- Why are my users not being asked to login to EZproxy?
- Why are some of my EZproxy links allowing remote access without requiring authentication
- Why are some resource sites displaying only encoded characters when using EZproxy?
- Why can't I use a proxied link in documents?
- Why does my proxied URL have dashes?
- Why do .gif and .jpg files placed in the docs directory appear as broken images when referenced from login.htm?
- Why is EZproxy crashing after adding a stanza
- Why is LDAP bind failed to XXX.XXX.XXX.XXX: 49 Invalid credentials showing in my EZproxy messages.txt file
- Why is my EZproxy getting directed to my old EZproxy when the link is showing my new EZproxy prefix
- Why is my username showing as shibboleth after upgrading EZproxy
- Why is the expired SSL certificate activated every time I run a build in OCLC Hosted EZproxy
- Why is the EZproxy Manage SSL Certificates screen not loading
- Will EZproxy be supported with the planned browser privacy features being introduced by Google and others
- Windows error 1067
- EZproxy Training
- Find training on EZproxy
- OCLC Community Center: EZproxy community
- Find more information about the Community Center. Current EZproxy product users may join the OCLC Community Center to connect with peers and OCLC staff on product workflows, attend webinars, and provide feedback on the product.