Using Docker to Run Firefox as a Proxy: A Simple Solution for Accessing Blocked Websites in China

When I was travelling to China, the most annoying thing is accessing foreign websites: Gmail, YouTube videos, etc. In mainland China, "using a VPN" is illegal, but it seems that in major cities like Shanghai and Beijing, permits need to be obtained for using VPN legally. For example, some international companies and government institutions can apply to bypass the Great Firewall (GFW).

One easy option is to use the paid VPN services. This post shows how to set up a Firefox Browser on a server using a simple docker command.

Running Firefox Browser in a Docker Container

Assuming your host/server/VPS already has Docker installed, simply save the following script as a BASH file, such as docker-firefox.sh, and then run it from the command line:

./docker-firefox.sh PASS

Here, PASS is the password that we will use later. If PASS is not provided, you need to remove the line -e VNC_PASSWORD= in the script. If credentials are specified, you would need to enter them later.

#!/bin/bash
VNC_PASS=$1
docker run -itd 

--restart always 

--name=firefox 

-p 5800:5800 

-v $(pwd)/config:/config:rw 

--shm-size 1g 

-e ENABLE_CJK_FONT=1 

-e VNC_PASSWORD=${VNC_PASS} 

jlesage/firefox

It takes a few minutes for the Docker to pull the jlesage/firefox image, and once it is completed, you can access it by http://IP-OR-DOMAIN:5800 to ihe browser. The port 5800 is specified in the script above, but you can change it to another port if needed. You will see a Firefox browser which is actually running on your server.

[caption id="attachment_156899" align="alignnone" width="1440"] Docker pull the images to set up the Firefox[/caption]

Once it's up and running, your host acts as a proxy. When you are in China, you can access your host (as long as it hasn't been blacklisted by the firewall) and use the embedded Firefox browser to visit the foreign/blocked websites.

Run the Firefox Proxy using a Docker Container

Perhaps due to my server configuration, the performance feels a bit laggy and not very smooth. Additionally, when I tried logging into my Gmail account, Google flagged it as risky and asked me to change my password.

I tested it by watching a YouTube ad, but there was no sound, so using this method to watch YouTube videos is impractical.

Also, this setup only supports HTTP, not HTTPS. If a domain has HSTS enabled, you can only access HTTP via the IP address. However, you can set up an Nginx/Apache reverse proxy to access HTTPS.

For example, the following configuration redirects/proxy the 443 port to the Firefox proxy in the nginx server.

server {
    listen 443 ssl;
    server_name domain_name
ssl_certificate /root/fullchain.cer;
ssl_certificate_key /root/key.key;

location / {
    proxy_pass https://your-server-ip:5800;
    proxy_ssl_verify off;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

}

This setup is not suitable for daily work, but it can be useful as an emergency solution when traveling back to China. Especially if you don't want to leave traces on a public computer, just use a strong password and HTTPS. When you no longer need it, remember to delete the Docker container to protect your privacy.

docker stop firefox
docker rm -f firefox

You can use docker logs -f firefox to check container logs:

[init ] container is starting... [cont-env ] loading container environment variables... [cont-env ] APP_NAME: loading... [cont-env ] APP_VERSION: loading... [cont-env ] DISPLAY: executing... [cont-env ] DISPLAY: terminated successfully. [cont-env ] DISPLAY: loading... [cont-env ] DOCKER_IMAGE_PLATFORM: loading... [cont-env ] DOCKER_IMAGE_VERSION: loading... [cont-env ] EGL_LOG_LEVEL: executing... [cont-env ] EGL_LOG_LEVEL: terminated successfully. [cont-env ] EGL_LOG_LEVEL: loading... [cont-env ] GSK_RENDERER: executing... [cont-env ] GSK_RENDERER: terminated successfully. [cont-env ] GSK_RENDERER: loading... [cont-env ] GTK2_RC_FILES: executing... [cont-env ] GTK2_RC_FILES: terminated successfully. [cont-env ] GTK2_RC_FILES: not setting variable. [cont-env ] GTK_THEME: executing... [cont-env ] GTK_THEME: terminated successfully. [cont-env ] GTK_THEME: not setting variable. [cont-env ] HOME: loading... [cont-env ] LIBGL_DRIVERS_PATH: executing... [cont-env ] LIBGL_DRIVERS_PATH: terminated successfully. [cont-env ] LIBGL_DRIVERS_PATH: not setting variable. [cont-env ] PULSE_CONFIG_PATH: executing... [cont-env ] PULSE_CONFIG_PATH: terminated successfully. [cont-env ] PULSE_CONFIG_PATH: not setting variable. [cont-env ] PULSE_COOKIE: executing... [cont-env ] PULSE_COOKIE: terminated successfully. [cont-env ] PULSE_COOKIE: not setting variable. [cont-env ] PULSE_SERVER: executing... [cont-env ] PULSE_SERVER: terminated successfully. [cont-env ] PULSE_SERVER: not setting variable. [cont-env ] QT_STYLE_OVERRIDE: executing... [cont-env ] QT_STYLE_OVERRIDE: terminated successfully. [cont-env ] QT_STYLE_OVERRIDE: not setting variable. [cont-env ] TAKE_CONFIG_OWNERSHIP: loading... [cont-env ] XDG_CACHE_HOME: loading... [cont-env ] XDG_CONFIG_HOME: loading... [cont-env ] XDG_DATA_HOME: loading... [cont-env ] XDG_RUNTIME_DIR: loading... [cont-env ] XDG_STATE_HOME: loading... [cont-env ] container environment variables initialized. [cont-secrets] loading container secrets... [cont-secrets] container secrets loaded. [cont-init ] executing container initialization scripts... [cont-init ] 10-certs.sh: executing... [cont-init ] 10-certs.sh: terminated successfully. [cont-init ] 10-check-app-niceness.sh: executing... [cont-init ] 10-check-app-niceness.sh: terminated successfully. [cont-init ] 10-clean-logmonitor-states.sh: executing... [cont-init ] 10-clean-logmonitor-states.sh: terminated successfully. [cont-init ] 10-clean-tmp-dir.sh: executing... [cont-init ] 10-clean-tmp-dir.sh: terminated successfully. [cont-init ] 10-fontconfig-cache-dir.sh: executing... [cont-init ] 10-fontconfig-cache-dir.sh: terminated successfully. [cont-init ] 10-init-users.sh: executing... [cont-init ] 10-init-users.sh: terminated successfully. [cont-init ] 10-nginx.sh: executing... [cont-init ] 10-nginx.sh: terminated successfully. [cont-init ] 10-openbox.sh: executing... [cont-init ] 10-openbox.sh: terminated successfully. [cont-init ] 10-pkgs-mirror.sh: executing... [cont-init ] 10-pkgs-mirror.sh: terminated successfully. [cont-init ] 10-pulse.sh: executing... [cont-init ] 10-pulse.sh: terminated successfully. [cont-init ] 10-set-tmp-dir-perms.sh: executing... [cont-init ] 10-set-tmp-dir-perms.sh: terminated successfully. [cont-init ] 10-vnc-password.sh: executing... [cont-init ] 10-vnc-password.sh: creating VNC password file from environment variable... [cont-init ] 10-vnc-password.sh: terminated successfully. [cont-init ] 10-web-data.sh: executing... [cont-init ] 10-web-data.sh: terminated successfully. [cont-init ] 10-webauth.sh: executing... [cont-init ] 10-webauth.sh: terminated successfully. [cont-init ] 10-x11-unix.sh: executing... [cont-init ] 10-x11-unix.sh: terminated successfully. [cont-init ] 10-xdg-runtime-dir.sh: executing... [cont-init ] 10-xdg-runtime-dir.sh: terminated successfully. [cont-init ] 15-cjk-font.sh: executing... [cont-init ] 15-cjk-font.sh: installing CJK font... [cont-init ] 15-cjk-font.sh: fetch https://dl-cdn.alpinelinux.org/alpine/v3.21/main/x86_64/APKINDEX.tar.gz [cont-init ] 15-cjk-font.sh: fetch https://dl-cdn.alpinelinux.org/alpine/v3.21/community/x86_64/APKINDEX.tar.gz [cont-init ] 15-cjk-font.sh: (1/1) Installing font-wqy-zenhei (0.9.45-r3) [cont-init ] 15-cjk-font.sh: Executing fontconfig-2.15.0-r1.trigger [cont-init ] 15-cjk-font.sh: Executing mkfontscale-1.2.3-r1.trigger [cont-init ] 15-cjk-font.sh: OK: 694 MiB in 168 packages [cont-init ] 15-cjk-font.sh: terminated successfully. [cont-init ] 15-install-pkgs.sh: executing... [cont-init ] 15-install-pkgs.sh: terminated successfully. [cont-init ] 55-check-snd.sh: executing... [cont-init ] 55-check-snd.sh: sound not supported: device /dev/snd not exposed to the container. [cont-init ] 55-check-snd.sh: terminated successfully. [cont-init ] 55-firefox.sh: executing... [cont-init ] 55-firefox.sh: terminated successfully. [cont-init ] 56-firefox-set-prefs-from-env.sh: executing... [cont-init ] 56-firefox-set-prefs-from-env.sh: terminated successfully. [cont-init ] 85-take-config-ownership.sh: executing... [cont-init ] 85-take-config-ownership.sh: terminated successfully. [cont-init ] 89-info.sh: executing... ╭――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╮ │ │ │ Application: Firefox │ │ Application Version: 135.0-r0 │ │ Docker Image Version: 25.02.2 │ │ Docker Image Platform: linux/amd64 │ │ │ ╰――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――――╯

This setup does not support multiple users, meaning if multiple users log in at the same time, they will see the same window.

[caption id="attachment_156900" align="alignnone" width="1516"] Credentials are setup/required to access the Firefox Browser[/caption]

[caption id="attachment_156901" align="alignnone" width="2048"] Firefox Browser using Docker Container[/caption]

Reposted to Blog

Steem to the Moon🚀!

• You can rent Steem Power via rentsp!
• You can swap the TRON:TRX/USDT/USDD to STEEM via tron2steem!
• You can swap the STEEM/SBD to SOL Solana via steem2sol!
• You can swap the STEEM/SBD to ETH Ethereum via steem2eth!
• You can swap the STEEM/SBD to Tether USDT (TRC-20) via steem2usdt!
• You can swap the STEEM/SBD to TRX (TRON) via steem2trx!
• You can swap the STEEM/SBD to BTS (BitShares) via steem2bts!
• Register a free STEEM account at SteemYY!
• Steem Block Explorer
• ChatGPT/Steem Integration: You can type !ask command to invoke ChatGPT
• Steem Witness Table and API
• Other Steem Tools