Squid is the most popular Proxy server for Unix like operating systems. It also used for the web filtering. Squid also useful as caching proxy server for the HTTP, HTTPS, FTP protocols.
This article will help you to setup Squid Proxy Server on Ubuntu 18.10, 18.04 LTS, 16.04 LTS, and 14.04 LTS systems.
Step 1 – Install Package
Squid packages are available in default yum repositories. Execute below command on your server to install SQUID proxy server.
sudo apt update sudo apt install squid
Step 2 – Configure Squid Port
The default port for the Squid proxy servers is 3128. You can change this as per the requirements. To setup Squid on different port, Edit squid configuration file and change http_port value with new port.
http_port 3128
After making changing let’s restart Squid service to reload the configuration changes
sudo service squid restart
The next steps will help you to Setup Squid Proxy Server on Ubuntu systems. Use only those settings, which is required for your proxy server.
Step 3 – Allow All Traffic
Sometimes you are required to allow all traffic on your proxy server. In Squid server open Squid configuration file. Comment the http_access deny all line and add the http_access allow all entry this file.
http_access allow all #http_access deny all
Step 4 – Block Specific Website with Squid
Let’s start with the additional configuration like blocking any website using squid proxy server. Add below rules to block specific website before any allow all rules. Below example will block yahoo.com and www.rediff.com.
acl blocksite1 dstdomain yahoo.com acl blocksite2 dstdomain www.rediff.com http_access deny blocksite1 http_access deny blocksite2
If you have a long list of domain names, Create a file /etc/squid/blockwebsites.lst and put domain names one per line and add below rule in the squid configuration file.
acl blocksitelist dstdomain "/etc/squid/blockwebsites.lst" http_access deny blocksitelist
blockwebsites.lst file content example:
cat /etc/squid/blockwebsites.lst yahoo.com www.rediff.com
Step 5 – Block Specific Keyword with Squid
Add below rules to block specific website before any allow all rules. Below example will block all pages having keyword yahoo or Gmail.
acl blockkeyword1 url_regex yahoo acl blockkeyword2 url_regex gmail http_access deny blockkeyword1 http_access deny blockkeyword2
If you have a long list of keywords, Create a file /etc/squid/blockkeywords.lst and put keywords one per line and add below rule in the squid configuration file.
acl blockkeywordlist url_regex "/etc/squid/blockkeywords.lst" http_access deny blockkeywordlist
blockkeywords.lst file content example:
cat /etc/squid/blockkeywords.lst yahoo gmail facebook
Congratulation’s you have successfully install and configured Squid proxy server. Read next article to Configure Squid for Mac Address Based Filtering.
10 Comments
how to set ip range of whole network that are using net to allow specific website and deny block_bad website
Good Article!
Just a question to the tecadmin.net, how can i use multiple (additional) ip adresses for adittional proxies. I got some additional IP’s from my provider, but I don’t know how to set them up? Can you help tecadmin?
Thanks & Regards,
Alex
I have done everything you said –
the guide is very simple and clear –
I got till the end and setup like you said , but now what?
when I try to enter localhost:3128 – I get nothing
where is the web gui?
also how can I see it’s working?
I try to setup in my router proxy serve – but it’s not working
the comuter is 10.0.0.100 in my network – what do I need to do now?
can you explain what to do now?
Thanks ,
Open squid conf file as a root user…..
sudo vi /etc/squid/squid.conf
How to get the access.log file in a readable format to generate Squid Proxy Reports
awk ‘{a[$3]++} END {for(i in a) print i}’ /var/log/squid/access.log
I’m having trouble with Step 2, as the squid.conf file is [Read-Only] and it won’t allow me to overwrite it with my http_port number. What should I do?
This might be a permission issue. Try setting proper permission and save file with “:wq!” in vim editor.
great article for online user.
I am pulling my hair out. Everytime I check my IP (web running thu squid proxy) from a site like whatsmyip.org, I get a different IP address each time. I only want the public IP address of the squid proxy server to show.