How to Use Residential Proxies: A Practical Setup Guide

Last updated: May 2026

I work with residential proxies daily, both in setup and in support, and the same setup mistakes show up in about 90% of the tickets I see. Most of them have nothing to do with the proxy itself. They come from the wrong tool, the wrong targeting, or a confusion about what residential proxies actually do. This guide covers how to set them up correctly, how to choose authentication and session settings, and which mistakes cause the failures most beginners run into in the first hour.

TL;DR

Residential proxies route traffic through real consumer IP addresses assigned by internet service providers to home users. To use them, you need an account on any proxy provider, a proxy string, and a tool that supports proxy authentication. The most reliable setups use an antidetect browser (AdsPower, Dolphin Anty, MoreLogin) rather than a Chrome or Firefox extension because antidetect browsers were built specifically for proxy work. Authentication is almost always user and password. Targeting should start wide and only narrow when needed. The most common cause of slow speed or "no IPs available" errors is over-targeting, not the provider.

Key takeaways:

Residential proxies need a tool built for proxies because generic browser extensions leak the real IP through WebRTC and DNS, drop sessions on tab reload, and bypass the proxy on certain network calls.

The standard authentication method for residential proxies is user and password because every modern scraping framework, antidetect browser, and proxy client supports it. IP whitelisting exists as a fallback for legacy software that does not support credentials.

Targeting is cumulative. Country, state, city, and ASN filters all narrow the available IP pool. Stacking all four at once is the most common reason for slow speeds and IP shortages because each filter shrinks the pool to a smaller subset of currently online consumer devices.

Sticky sessions hold the same IP for a defined period of time, typically 1 minute to a few hours. They cannot be guaranteed indefinitely because the underlying IP belongs to a real consumer device that may go offline at any moment.

Gateway server selection (US, EU, Asia) controls routing speed, not which country the exit IP is in. The two settings are independent.

What Are Residential Proxies?

Residential proxies are IP addresses assigned by internet service providers to real consumer devices, routed through a proxy network so that outbound traffic appears to originate from a home connection. They differ from datacenter proxies, which originate from server hosting infrastructure, and from ISP proxies, which are static residential-type IPs hosted in data centers.

The infrastructure works through a peer network. A consumer device, usually a phone or laptop running a participating application, agrees to share idle bandwidth in exchange for certain rewards. When a proxy user sends a request, the provider routes it through one of these consumer connections. The destination website sees a request from a residential ISP like Comcast, Verizon, or Deutsche Telekom.

Residential proxies are priced per gigabyte of traffic rather than per IP because the provider does not own the underlying IP addresses. The IPs belong to real consumer devices that join and leave the network constantly, which makes per-IP pricing impossible to reconcile with real cost.

The main weakness of residential proxies is speed variability because each request is routed through a different consumer connection. A residential IP in a major metropolitan area with a top-tier ISP will perform very differently from one in a rural area with a smaller provider. This is not a flaw of any specific provider. It reflects the underlying network.

What You Need Before You Start

A working residential proxy setup requires four things: a provider account with active credits or an active plan, a generated proxy string, a target task, and a tool that supports proxy authentication.

The proxy string is the most important piece and the part most beginners get wrong by copying the wrong format. A typical residential proxy string looks like this:

resi-us.catproxies.com:9000:4f53504f801d49cf8f122eeXc67e54d1-type-residential-country-at-state-salzburg-city-hallein-asn-1853:f7i33pZSu7iPx0E30QWH6GB9PzZ8Dj0CcyL5

This breaks down as hostname:port:username:password. The hostname (resi-us.catproxies.com) indicates the gateway region. The port (9000) is fixed for HTTP and HTTPS. The username carries the session ID and all targeting parameters, separated by hyphens. The password is the static authentication token tied to the account.

Every targeting change rewrites the username portion of the string, not the hostname or port. A single connection type uses a single port. There is no need to switch ports between requests.

How to Set Up Residential Proxies in an Antidetect Browser

The fastest and most reliable way to use residential proxies is through an antidetect browser. AdsPower, Dolphin Anty, and MoreLogin all support residential proxies natively, all offer free profiles, and all auto-detect the proxy format on paste. The user copies the full hostname:port:username:password string into the proxy field, and the browser parses it into the four fields automatically.

Antidetect browsers outperform standard browsers with proxy extensions because they apply the proxy at the network stack level, while extensions only intercept browser traffic. A Chrome or Firefox extension routes traffic through the browser's networking layer, which leaks WebRTC, ignores DNS settings, and drops sessions on tab reload. An antidetect browser isolates each profile in its own networking sandbox and persists the session across reloads.

A free or budget antidetect browser will outperform a polished standard browser with the best extension every time, regardless of how the standard browser looks or feels. Interface quality is unrelated to proxy reliability.

The general flow is the same across these tools: create a new profile, open proxy settings, paste the full proxy string, save, and launch. Most antidetect browsers also include a built-in IP check on launch that confirms the proxy is connecting and shows the current exit IP.

Other setup paths exist for specific tools and environments, including desktop proxy clients (Proxifier, FoxyProxy), scraping frameworks (Scrapy, Selenium, Puppeteer, Playwright), and mobile devices (iOS, Android). Each of those workflows has its own configuration steps and is best covered in a dedicated tutorial.

How to Test Your Proxy After Setup

A working proxy setup must pass three checks: the exit IP matches the targeting, no leaks reveal the real IP, and the browser fingerprint does not flag the connection as suspicious. The built-in IP check inside an antidetect browser only confirms the first one. The other two require external tools.

For exit IP and proxy quality checks, whoer.net and Scamalytics are more useful than ipinfo.io or ip2location. Whoer.net returns an anonymity score along with the exit IP, ISP, and geolocation, which is enough to confirm both that the proxy is working and that the connection is not flagged. Scamalytics returns a fraud score for the IP, which gives a rough indication of how the IP has been used recently. Both are free and require no signup.

For browser leak checks, Pixelscan is the most thorough. It runs WebRTC leak detection, DNS leak detection, fingerprint consistency checks, and a battery of other tests in a single page load. A clean Pixelscan result confirms the proxy is working and that the browser is not leaking the real IP through side channels.

A reasonable test sequence after setup is: open the antidetect browser profile, visit whoer.net or Scamalytics to confirm the exit IP and check the score, then visit Pixelscan to confirm there are no leaks. If all three checks pass, the setup is ready for the actual task.

For tests outside a browser, a single curl command confirms a proxy is reachable and returning the expected IP. The format is curl -x http://user:pass@host:port https://ipinfo.io/json. The response should show the proxy exit IP, not the real IP.

Authentication: User and Password vs IP Whitelisting

The standard authentication method for residential proxies is user and password because every modern scraping framework, antidetect browser, and proxy client supports it. IP whitelisting exists as a fallback method, where the user registers a public IP address with the provider and the provider authenticates traffic based on the source IP.

IP whitelisting exists for two reasons. First, some legacy software does not support credential-based proxy authentication. Second, some users prefer not to embed credentials in scripts.

Both reasons are weak in practice. Embedding credentials in a script is a code hygiene problem, not a reason to fall back to IP whitelisting. IP whitelisting also breaks the moment the user's home IP changes, which on residential connections happens regularly because consumer ISPs rotate dynamic IPs.

User and password is the correct default. Use IP whitelisting only when the tool genuinely does not support credentials.

Sticky vs Rotating Sessions: Which to Use

Rotating sessions assign a new IP on every request. Sticky sessions hold the same IP for a defined time window. The choice between them is determined by the task, not by preference.

Rotating sessions fit tasks where each request should look like an independent visitor because changing the IP per request avoids rate limits and IP-based blocks. Web scraping at volume, search engine result page collection, and large-volume price monitoring all use rotating sessions.

Sticky sessions fit tasks that require continuity because cookies, tokens, and session state are often tied to an IP. Account login, multi-step checkout flows, ad verification on a single landing page, and any session that includes IP-bound state all require a stable IP for the duration of the session. Sticky session windows on residential proxies typically range from 1 minute to a few hours depending on the provider.

Sticky sessions on residential proxies cannot be guaranteed indefinitely because the IP belongs to a real consumer device that may go offline, change network, or leave the network at any moment. Any provider promising sticky residential sessions for days or longer is either misrepresenting the product or using static residential infrastructure that should not be classified as standard residential. For a deeper breakdown of the trade-offs, see Sticky vs Rotating Proxies: Differences and Best Uses.

When the task involves long-term account management rather than session-bound work, ISP proxies (static residential) are usually a better fit than sticky residential. Residential rotating and ISP static are different products solving different problems.

Geo-Targeting: Country, State, City, and ASN

Each additional targeting parameter narrows the available IP pool because the filters compound multiplicatively rather than independently. Country, state, city, and ASN (the specific internet provider) can all be combined, but stacking all four is the most common reason setups fail.

The mechanism is simple. A residential pool of, for example, 5 million daily active IPs in the United States might contain 200,000 in Texas, 30,000 in Houston, and 4,000 on a specific second-tier ISP in Houston. Speed within the smallest segment is bound by which of those 4,000 devices are currently online and whether their consumer connections happen to be fast.

The practical guideline is to start wide and narrow only as needed. If a use case genuinely requires a specific city, target that city and skip ASN unless absolutely required. If the task only needs a country, target only the country. ASN-level targeting on a small ISP in a small city will frequently return an IP shortage error or visibly degraded speed.

When a user reports slow speed or an IP shortage, the first diagnostic step is almost always to widen the targeting. Dropping ASN, then dropping city, then dropping state usually resolves the issue within seconds.

Targeting Parameter Effects

The targeting is encoded directly in the username portion of the proxy string. In the format above, the segments country-at-state-salzburg-city-hallein-asn-1853 are the targeting parameters. Removing or modifying these segments changes the targeting on the next connection.

Gateway Server Selection

Gateway server selection controls the route the request takes through the proxy network, not the country of the exit IP. Most providers offer gateway nodes in the US, EU, and Asia. Choosing a gateway closer to the user reduces latency on the connection between the user and the proxy network because the request travels a shorter physical path before entering the network.

Gateway region and IP target country are independent. A user in Europe targeting a US IP can route through the US gateway (resi-us.catproxies.com) or the EU gateway (resi-fr.catproxies.com). The exit IP is still in the US either way. The route to that exit IP changes.

The default assumption that the gateway closest to the target country is always fastest is wrong. Sometimes the EU gateway returns a better connection to a US-targeted IP because the routing path through the provider network is shorter or less congested. Testing both is the only reliable way to know which is faster for a given setup.

Common Setup Errors and How to Fix Them

The same five setup errors account for the majority of residential proxy support tickets. Each one has a predictable diagnostic pattern.

"My proxy does not connect." First, verify the proxy string is complete and matches the format hostname:port:username:password. Missing or extra hyphens in the username are the most common cause. Second, verify the targeting parameters are valid. A typo like country-uk instead of country-gb will fail. Third, verify the tool supports user and password authentication.

"My proxy is slow." Almost always a targeting problem. Drop ASN first, then city, then state. Speed should improve at each step. If it does not, switch the gateway region and retest.

"No IPs available." Same root cause as slow speed. The combination of targeting parameters has produced an empty or near-empty pool segment. Widen the targeting.

"My session keeps changing IPs." The session is configured as rotating instead of sticky, or the sticky session window has expired. Check the session ID configuration in the username and confirm the sticky window length on the plan.

"The browser leaks my real IP." The setup is using a standard browser with an extension instead of an antidetect browser. Switch to AdsPower, Dolphin Anty, or MoreLogin and recreate the profile. Verify the new setup with Pixelscan to confirm the leaks are resolved.

Common Misconceptions About Residential Proxies

"More precise targeting always gives better results." Untrue. Precise targeting narrows the pool and reduces the number of available IPs. For most tasks, country-level or state-level targeting is sufficient and produces better speed and stability than narrower targeting because the pool is larger and contains more high-quality consumer connections. ASN targeting is a specialist tool, not a default.

"A US gateway is always fastest for US targets." Untrue. Gateway selection affects routing, not target country. Sometimes the EU gateway returns better speed to a US target because the path through the provider network is shorter or less congested. Test both before assuming.

"A free or budget antidetect browser is worse than a polished standard browser." Untrue. Visual polish has nothing to do with proxy reliability. A budget antidetect browser is built for proxy work. A standard browser with an extension is not. The budget antidetect browser will outperform the standard browser every time on session stability and IP isolation.

"Fraud score is the most important metric for residential proxies." Untrue. Fraud score matters, but browser fingerprinting, cookie management, and behavioral patterns matter more. A clean IP behind a leaky browser fingerprint will still trip detection because target sites cross-reference multiple signals. The browser setup deserves at least as much attention as the proxy quality.

"All residential providers are roughly the same." Untrue. Pool composition, daily active IP counts, and geo distribution vary significantly between providers. Most advertise total pool size (often 50 million plus) without disclosing daily active IP count, which is the figure that actually determines availability. The difference between providers is visible the moment a user tests them on the same target.

When Residential Proxies Are the Wrong Tool

Residential proxies are not the right answer for tasks that require IP stability over days, predictable low latency, or high-volume access to cooperative targets. Three scenarios where a different proxy type fits better:

Long-term account management on a single platform. Residential rotating sessions cannot guarantee a stable IP for days or weeks. Static ISP proxies are designed for this and provide a fixed IP from a residential subnet that stays assigned to the user. For account farming, large-volume social media management, or any task where the same account logs in repeatedly from the same IP, ISP proxies are usually the correct choice.

High-volume, low-stakes scraping of cooperative targets. When the target is not aggressively blocking and the cost-per-gigabyte of residential proxies starts to dominate the budget, datacenter proxies cost a fraction of the price and work fine. Residential proxies are overkill for targets that do not actively detect them.

Tasks requiring consistent latency below 100 milliseconds. Residential proxies route through real consumer connections. Latency varies between 50 milliseconds and several seconds depending on the device. Tasks that require predictable low latency, such as real-time bidding or latency-sensitive automation, fit datacenter or ISP proxies better.

Frequently Asked Questions

Do residential proxies need a special browser?

A standard browser with a proxy extension will technically connect, but the setup is unreliable because extensions cannot prevent WebRTC and DNS leaks at the network stack level. Sessions drop on reload, the real IP can leak, and DNS settings often bypass the proxy entirely. An antidetect browser like AdsPower, Dolphin Anty, or MoreLogin handles all of this correctly and is the recommended setup for any non-trivial use case.

What is the format of a residential proxy string?

The standard format is hostname:port:username:password. The hostname identifies the gateway region. The port is fixed per connection type (HTTP/HTTPS use one port, SOCKS5 uses another). The username carries the session ID and all targeting parameters separated by hyphens. The password is a static account token.

Can I use residential proxies on iPhone or Android?

Yes, but not through the system Wi-Fi proxy settings, which do not support user-and-password authentication. Use a dedicated proxy app like Shadowrocket on iOS or Proxifier-style routing on Android. Alternatively, route the mobile traffic through a desktop running an antidetect browser.

Why is my residential proxy slow?

Almost always over-targeting. Stacking country, state, city, and ASN narrows the available pool to a small number of devices. Drop ASN first, then city. Speed typically recovers within a single retest. If speed is still slow with only country targeting, test a different gateway region.

How can I check if my residential proxy is working correctly?

Use whoer.net or Scamalytics to verify the exit IP and check the proxy quality score, then use Pixelscan to verify there are no WebRTC, DNS, or fingerprint leaks. The antidetect browser built-in IP check confirms the IP is changing but does not test for leaks. All three sites are free and require no signup.

How long can a sticky session hold the same IP?

Sticky session windows on residential proxies typically range from 1 minute to a few hours depending on the provider and plan. Promises of multi-day sticky residential sessions are not technically achievable with real residential infrastructure because the underlying device can go offline at any time.

Do I need IP whitelisting?

No, in almost all cases. User-and-password authentication is supported by every modern tool worth using. IP whitelisting exists as a fallback for legacy software and is not the default authentication method on most major providers.

What is the difference between a gateway and a target country?

The gateway is where the request enters the proxy network. The target country is where the exit IP is located. They are independent. A request can enter through a US gateway and exit on a German IP, or enter through an EU gateway and exit on a US IP. Gateway selection affects routing speed, not which country the destination website sees.

Can I combine residential proxies with other proxy types?

Yes, and many use cases benefit from it. Residential proxies fit unblocking and verification tasks. Datacenter proxies fit high-volume work on cooperative targets. ISP proxies fit long-term account management. A mature setup often uses all three for different parts of the workflow.