Windows 10 Proxy Script

Posted on  by admin
-->

Applies to:

Do you ever worry about your online identity? One thing people do to protect their identity online is to make use of proxy servers.

The Defender for Endpoint sensor requires Microsoft Windows HTTP (WinHTTP) to report sensor data and communicate with the Defender for Endpoint service. The embedded Defender for Endpoint sensor runs in system context using the LocalSystem account. The sensor uses Microsoft Windows HTTP Services (WinHTTP) to enable communication with the Defender for Endpoint cloud service.

Anonymous proxy servers hide your real IP, which is useful if you're unable to access different sites or need added privacy.

Still, manually switching your browser's proxy settings based on location (whether your home or office) can quickly become a hassle. To save time, you can use a script to change proxy settings on Windows 10.

The WinHTTP configuration setting is independent of the Windows Internet (WinINet) browsing proxy settings (see, WinINet vs. WinHTTP). It can only discover a proxy server by using the following discovery methods:

  • Don't worry if you aren't a programmer, it just takes a little knowledge.

    • With these three useful scripts, you can easily modify your proxy settings for your browser.

    • Before we get into the ways that you can automate your computer through scripting, let's take a quick look at the manual way people can do this.

      Maybe, you already know how to test your home network speed---it's one of the first things you should check if you're ever having Internet connection problems.

      However, not everyone has explored their Local Area Network (LAN) settings on Internet Explorer or Microsoft Edge. Typically, you want your proxy settings to be set to Automatically detect settings when you're at home or at a public hotspot.

  • However, at work, you'll want to set up a proxy server.

    • Depending on whether you're using Internet Explorer or Microsoft Edge, how you get to your settings will differ.

    • MAKEUSEOF VIDEO OF THE DAY. Follow these steps to get access to your proxy server settings on Internet Explorer:. Open Internet Explorer.

Press Alt+X and scroll down to Internet options.

Click on the Connections tab. Press the LAN settings button. Modify your proxy server settings as needed.

Configure the proxy server manually using a registry-based static proxy

Configure a registry-based static proxy for Defender for Endpoint detection and response (EDR) sensor to report diagnostic data and communicate with Defender for Endpoint services if a computer isn't permitted to connect to the Internet.

Under Local Area Network (LAN) settings, you either have a proxy server turned on or off.

This is the setting that you want to toggle when you switch from your home network to a work network. You can also use it if you want to switch to running under a "cloaked" anonymous IP server.

  • Unlike Internet Explorer, Microsoft Edge manages its proxy settings under Windows 10's Network & Internet settings.
  • For the fastest way to access your proxy server options for Microsoft Edge, follow these steps:.
  • Press the Windows start button. Press the gear icon to open Settings.
  • Click on Network & Internet. On the left side-bar, click on Proxy.
  • Adjust your proxy setup as needed. As an alternative, you can also find these proxy settings in your Registry Editor (Type regedit into the Run app).

This is what you want your proxy scripts to edit. By changing the registry settings, you're essentially changing those settings in the LAN Settings window.

The static proxy is configurable through group policy (GP), both the settings under group policy values should be configured to the proxy server for using EDR. The group policy is available in Administrative Templates.

  • If you still have questions on what is a proxy server, it can help to brush up before diving into these scripts. When using scripts, you need to only toggle those settings when and where you want to.

    There are three scenarios that these scripts will cover, but you can tweak the code to your liking.

  • You can put the script in your startup folder so that it launches whenever you boot your computer, or you can just run the scripts whenever you want your computer to automatically set the correct IP settings.

    The three ways these scripts will function include:.

Group PolicyRegistry keyRegistry entryValue
Configure authenticated proxy usage for the connected user experience and the telemetry serviceHKLM\Software\Policies\Microsoft\Windows\DataCollectionDisableEnterpriseAuthProxy1 (REG_DWORD)
Configure connected user experiences and telemetryHKLM\Software\Policies\Microsoft\Windows\DataCollectionTelemetryProxyServerservername:port or ip:port
For example: 10.0.0.6:8080 (REG_SZ)

Configure a static proxy for Microsoft Defender Antivirus

Microsoft Defender Antivirus cloud-delivered protection provides near-instant, automated protection against new and emerging threats. Note, the connectivity is required for custom indicators when Defender Antivirus is your active anti-malware solution. For EDR in block mode has primary anti-malware solution when using a non-Microsoft solution.

Configure the static proxy using the Group Policy available in Administrative Templates:

  1. It prompts the user to enable an anonymous proxy for Internet access. It prompts the user to type in the name of the proxy server they want to use.

  2. It automatically checks whether you're home (or not) and sets the appropriate proxy server settings. The cool thing about Windows Scripting Host is that each of these options isn't that hard to do.

  3. This script will pop-up a message box asking whether or not the user wants to use a proxy server. If yes, then the script will enable proxy servers and fill in a hard-coded anonymous proxy server.

    You need to tweak the script to use your anonymous proxy. With that said, here's what the script looks like.

Make sure to locate the placeholder address and port (http://www.youareanonymous.com:80) and replace it below.

Simply copy and paste the above script into a blank Notepad file. Then save it with a .vbs extension (i.e. When you run it, you'll see the following prompt. A "Yes" loads the specified proxy as your proxy server and sets "ProxyEnable" to 1.

A "No" sets the proxy to the default (all zeros) and disables the proxy setting. The other approach is to ask the user what exact server they want to use. This allows the flexibility of changing the proxy server constantly without the need to edit the script itself.

You can do this by simply changing the "MsgBox" command in the original code to an "InputBox." Once again, paste the contents into Notepad and save the file with a .vbs extension. When you save this as a .vbs file and run it, the following window will appear. Just type in your preferred proxy server, click okay, and your Internet settings automatically update. This next script is a bit more flexible, so it's also a little longer.

But what it can do is check your current IP address. If it is within the expected range when you're on your home IP, it won't use a proxy server.

  • If it appears you're not on your typical home IP, it'll automatically configure your Internet with a proxy server that you can hard code into the script.
  • Simply copy this script into a Notepad file and save it with a .vbs extension to try it out.
  • When you run it at home, it recognizes your home IP and disables the anonymous proxy.

If you were on a public hotspot, it would recognize the foreign IP address and enable the cloaked proxy instead.

Just remember to change out the placeholder proxy since it's a longer code.

  • These are just a few examples of the sort of automation you can implement on your Windows PC with Windows Scripting Host.
  • You don't have to be an expert programmer!
  • Just learn a few of the commands in these scripts, and you can really work some magic.

Configure the proxy server manually using netsh command

Use netsh to configure a system-wide static proxy.

Still, if you're not ready for proxy by scripts, there are alternatives.

  • Check out our best web proxies for geo-blocked content and online privacy. If you don't want to deal with the scripting stress, you just have to use your browser instead.
  • How to Transform Your Android Phone Into a Microsoft Phone. Join our newsletter for tech tips, reviews, free ebooks, and exclusive deals!
  1. Windows 10 offers the ability to set a proxy server from its Settings app without the need for third-party software.

    1. This feature allows you to protect your online privacy by covering some of your tracks when surfing the web.
    2. Furthermore, using a proxy server might be the only way to access the internet in schools or enterprise environments.
  2. The proxy server, which acts as an intermediary between your Windows 10 device and the internet, is used to access online content from all web browsers that you have installed, as well as the Windows 10 apps from the Microsoft Store.

    Read on and learn how to change the proxy settings in Windows 10:.

To reset the winhttp proxy, enter the following command and press Enter:

See Netsh Command Syntax, Contexts, and Formatting to learn more.

Enable access to Microsoft Defender for Endpoint service URLs in the proxy server

By default, if a proxy or firewall is blocking all traffic by default and allowing only specific domains, then add the domains listed in the downloadable sheet to the allowed domains list.

The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect. Ensure there are no firewall or network filtering rules to deny access for these URLs. Optional, you may need to create an allow rule specifically for them.


Spreadsheet of domains listDescription
Microsoft Defender for Endpoint URL list for commercial customersSpreadsheet of specific DNS records for service locations, geographic locations, and OS for commercial customers.
Microsoft Defender for Endpoint URL list for Gov/GCC/DoDSpreadsheet of specific DNS records for service locations, geographic locations, and OS for Gov/GCC/DoD customers.

If a proxy or firewall has HTTPS scanning (SSL inspection) enabled, exclude the domains listed in the above table from HTTPS scanning.In your firewall, open all the URLs where the geography column is WW. For rows where the geography column isn't WW, open the URLs to your specific data location. To verify your data location setting, see Verify data storage location and update data retention settings for Microsoft Defender for Endpoint.

NOTE: Before you go ahead and change proxy settings in Windows 10, make sure you first know what a proxy server is and why you might want to use one.

To change the Windows 10 proxy settings, you have to use the Settings app. One quick way to do that is to press Windows + I on your keyboard.

In the newly opened window, click or tap the section labeled Network & Internet. Network & Internet in Windows 10's Settings. Here, you find several subsections with settings. The last one should be named Proxy. To change the proxy settings in Windows 10, click or tap on it.

If a proxy or firewall is blocking anonymous traffic as Defender for Endpoint sensor, and it's connecting from system context to make sure anonymous traffic is permitted in the previously listed URLs.

Two separate sections can be configured on the right: “Automatic proxy setup” and “Manual proxy setup.”.

The Windows 10 proxy settings are found in Settings' Proxy section. Now let’s see exactly how to change proxy settings in Windows 10:.

Microsoft Monitoring Agent (MMA) - proxy and firewall requirements for older versions of Windows client or Windows Server

The information in the list of proxy and firewall configuration information is required to communicate with Log Analytics agent (often referred to as Microsoft Monitoring Agent) for previous versions of Windows, such as Windows 7 SP1, Windows 8.1, and Windows Server 2008 R2*.


Agent ResourcePortsDirectionBypass HTTPS inspection
*.ods.opinsights.azure.comPort 443OutboundYes
*.oms.opinsights.azure.comPort 443OutboundYes
*.blob.core.windows.netPort 443OutboundYes
*.azure-automation.netPort 443OutboundYes

Before you start setting up a proxy server in Windows 10, you need to find a few proxy addresses that you can use.

Many of these proxy servers have an URL (web address) similar to any regular website (e.g., proxy.example.org). Still, you should know that proxy services significantly differ regarding quality. You need a lot of patience to find one that works well with your online habits and internet connection.

Also, some proxy servers require you to specify a script address.

What is a script address? It’s the URL or IP address of a proxy configuration script that has to be loaded by Windows 10 in order to set the proxy server.

Confirm Microsoft Monitoring Agent (MMA) Service URL Requirements

See the following guidance to eliminate the wildcard (*) requirement for your specific environment when using the Microsoft Monitoring Agent (MMA) for previous versions of Windows.

  1. If your mind is set on using a proxy server like this, go to the “Automatic proxy setup” section. Here, check if the automatic detection of proxy settings is enabled and then turn the “Use setup script” switch On.

  2. Finally, type the URL of the proxy in the “Script address” field and press Save.

  3. How to configure proxy settings using a script address. Your settings are saved and used by Windows 10, your web browsers, and apps. If you want to change the Windows 10 proxy settings by manually specifying the proxy server to use, turn off the “Use setup script” switch from the “Automatic proxy setup” section.

  4. Then, in the “Manual proxy setup” section, turn on the “Use a proxy server” switch. The manual configuration of a proxy requires you to know the exact IP address and port of the proxy server you intend to use.

The wildcards (*) used in *.ods.opinsights.azure.com, *.oms.opinsights.azure.com, and *.agentsvc.azure-automation.net URL endpoints can be replaced with your specific Workspace ID. The Workspace ID is specific to your environment and workspace. It can be found in the Onboarding section of your tenant within the Microsoft 365 Defender portal.

The *.blob.core.windows.net URL endpoint can be replaced with the URLs shown in the "Firewall Rule: *.blob.core.windows.net" section of the test results.

After you have this information, enter it in the proxy server Address and Port fields.

You can also enter specific web addresses for which, no matter what browser you prefer, Windows 10 will not use the proxy server. It seems to be a great way to configure which websites can see your information when you visit them. Finally, you can check the box that says “Don't use the proxy server for local (intranet) addresses” at the bottom of the “Manual proxy setup” section.

Verify client connectivity to Microsoft Defender for Endpoint service URLs

Verify, the proxy configuration is completed successfully. The WinHTTP can then discover and communicate through the proxy server in your environment, and then the proxy server will allow traffic to the Defender for Endpoint service URLs.

  1. While it is not necessary to always do this, it might be a good idea to check this box if connected to a corporate network. How to manually configure proxy settings. Click or tap the Save button after you are done manually configuring a proxy server to apply your new proxy settings.

  2. NOTE: After changing your Windows 10 proxy settings, you might be asking yourself: “How do I know if my proxy is working?”.

  3. To determine whether your proxy server is working or not, check its status on websites like whatismyip.com.

    1. If you have taken your Windows 10 device to a new location and use a new internet connection, you can turn off the use of the proxy server.
    2. To do this, you have to change the Windows 10 proxy settings again.
  4. Open Settings, just like you did when you set up the proxy server, and go to Network & Internet and then to Proxy.

    If you have enabled a proxy with an automatic setup script, set the “Use setup script” switch Off.

  5. How to disable a proxy server that uses a script address. For a manually configured proxy server, set the “Use a proxy server” switch Off.

  6. How to disable a proxy server that uses a manual configuration. You should remember that your proxy settings are stored by Windows 10, and you can always turn them back on.

    Proxy servers represent a reasonable solution for hiding some of your online activity or accessing the internet in corporate networks. Luckily, Windows 10 offers a simple way to set up a proxy server in the Settings app. It represents an evolution of the way Windows-powered computers connect to the internet.

If any one of the connectivity options returns a (200) status, then the Defender for Endpoint client can communicate with the tested URL properly using this connectivity method.

However, if the connectivity check results indicate a failure, an HTTP error is displayed (see HTTP Status Codes). You can then use the URLs in the table shown in Enable access to Defender for Endpoint service URLs in the proxy server. The URLs available for use will depend on the region selected during the onboarding procedure.

If you have already used this Windows 10 feature, share your experience in the comments section below.

Also, let us know what kind of proxy server you are using. We are curious to see. Modified7 months ago. I want to make a simple Windows desktop widget to turn on and off the internet proxy. What is the simpler way? user3686362user3686362. You can create a simple "widget" using Visual Basic scripts and batchs.

Create the folder "Proxy Settings" in "C:\Users\%USERNAME%\";. Create the folder "Icons" in "C:\Users\%USERNAME%\Proxy Settings\";.

Related articles