fbpx

If you would like to read what are proxy servers and how they can benefit you, please refer: Click

If you would like to buy a VPS to make your own Proxy Server along with this tutorial check out: Click

Squid Proxy

Little introduction about the proxy of the article:

“Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows, and is licensed under the GNU GPL.”

[http://www.squid-cache.org/]

It is very mature, quick, and flexible. That is why it is one of the most widespread web proxies. It is predominantly used in large environments, such as universities and large corporates.

But it could be just as useful for small businesses and even to an individual user.

Install Proxy Server: Squid Proxy

Step 1: Update the server

yum -y update

Step 2: Install squid

yum -y install squid

Step 3: Start and enable squid server.

systemctl start squid
systemctl enable squid

Step 4: Check the status of squid server.

systemctl status squid

Configure Proxy Server: Squid Proxy

The configurations for your Squid server are stored in the /etc/squid/squid.conf file

Configure your Network To Route through your Proxy to the access Internet

You have to add the IP or the IP ranges which will be making contact with your Proxy Server and then the Proxy server will act as a gateway for only those IP(s)

You have to add the IP or the IP ranges which will be making contact with your Proxy Server and then the Proxy server will act as a gateway for only those IP(s)

You can add a source IP range with an ACL using the following format.

acl localnet src <IP>

Edit the configuration file /etc/squid/squid.conf. Add the source IP(s) as shown below.

Restart the proxy server after making the ACL changes.

systemctl restart squid

Test proxy Server Connectivity

Test if the proxy server is working using a simple curl request. Use the following curl format. By default, squid proxy runs on 3128 port.

curl -x http://<squid-proxy-server-IP>:3128  -L http://virtono.com

Configure Proxy Authentication

As an addon to ACL, you should also add a basic authentication to your proxy server for extra security. The steps to do this are as follows:

Step 1: On your Squid server install httpd-tools

yum -y install httpd-tools

Step 2: Create an empty passwd file

touch /etc/squid/passwd 

Step 3 : Change the owner of the file

chown squid /etc/squid/passwd

Step 3: Add squid to the password file using htpasswd utility.

You will be asked for a password, use a strong one, and don’t forget to store it. This username and password will be used for all connections through this proxy.

htpasswd /etc/squid/passwd squid

Step 4: Open squid config file.

vi /etc/squid/squid.conf

Add the following to the config file and save it.

auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd

auth_param basic children 5

auth_param basic credentialsttl 2 hours

auth_param basic utf8 on

auth_param basic realm Please enter your credentials for the Proxy Server!

auth_param basic casesensitive on

acl auth_access proxy_auth REQUIRED

http_access allow auth_access

Step 5: Now, restart squid server for the configuration changes to take place.

sudo systemctl restart squid

Step 6: Now if you test the proxy connection using curl, you will get the “authentication required message” as shown below.

Now, test the connectivity with proxy user and password we configured in step 3. An example syntax is shown below.

curl -x http://35.196.101.43:3128  --proxy-user squid:thisIsPassword  -I http://virtono.com

With username and password, your proxy request should go through.

Blocking Websites

Another great use of the proxy server is restricting the website access. Follow the steps below for creating a block list.

Step 1: Open a blocked list file.

vi /etc/squid/blocked_sites

Add the websites to be blocked in the file. For example,

facebook.com
instagram.com

Step 2: Open the squid config file.

vi /etc/squid/squid.conf

Add the following to the ACL list.

acl blocked_sites dstdomain "/etc/squid/blocked_sites"

http_access deny blocked_sites

Step 3: Restart the squid server.

systemctl restart squid

Now if you try to access the blocked site through the proxy, you will get a forbidden message.

Uninstall Squid Proxy Server

In case if you would want to remove squid from your server just use the yum remove command as below.

yum remove squid

You will be prompted once to ask for confirmation.


1 Comment

The Proxy Server, What, Why and How – Virtono Community · June 16, 2020 at 4:23 PM

[…] If you just want to jump to configuring a proxy server here is the How. […]

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: