What is Squid?
Squid is a proxy server that can be used to improve network performance and security. It can be used to cache web pages and images, allowing your users to access these files more quickly. Squid can also be used to protect your network from malicious content.
If you’re an experienced system administrator, you know that a proxy server can be a valuable tool for optimizing your network.
In this blog post, we’ll show you how to install a proxy server on Ubuntu using the Squid proxy server.
How to install Squid on Ubuntu and Debian
To install Squid on Ubuntu and Debian, use the following commands:
sudo apt update
sudo apt install squid3
The Squid proxy server will be installed on your Ubuntu system.
You can verify the service status by running the following command:
sudo systemctl status squid3
Output● squid.service - Squid Web Proxy Server Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2022-06-17 11:13:54 IST; 45s ago Docs: man:squid(8) Process: 2267 ExecStartPre=/usr/sbin/squid --foreground -z (code=exited, status=0/SUCCESS) Main PID: 2270 (squid) Tasks: 4 (limit: 2271) Memory: 15.7M CPU: 187ms CGroup: /system.slice/squid.service ├─2270 /usr/sbin/squid --foreground -sYC ├─2272 "(squid-1)" --kid squid-1 --foreground -sYC ├─2273 "(logfile-daemon)" /var/log/squid/access.log └─2274 "(pinger)" Jun 17 11:13:54 tecadmin squid[2272]: Using Least Load store dir selection Jun 17 11:13:54 tecadmin squid[2272]: Set Current Directory to /var/spool/squid Jun 17 11:13:54 tecadmin squid[2272]: Finished loading MIME types and icons. Jun 17 11:13:54 tecadmin squid[2272]: HTCP Disabled. Jun 17 11:13:54 tecadmin squid[2272]: Pinger socket opened on FD 14 Jun 17 11:13:54 tecadmin squid[2272]: Squid plugin modules loaded: 0 Jun 17 11:13:54 tecadmin squid[2272]: Adaptation support is off. Jun 17 11:13:54 tecadmin squid[2272]: Accepting HTTP Socket connections at conn3 local=[::]:3128 remote=[::] FD 12 flags=9
After you have installed Squid, you will need to configure it to meet your needs. The default configuration should be suitable for most users, but you may need to make some changes depending on your specific needs.
How to Configure Squid Proxy Server
The main Squid configuration file is located at /etc/squid3/squid.conf. This file contains all of the settings for Squid. You can edit this file to change the configuration of Squid.
- Configure Port
To configure the Squid port, you’ll need to edit the squid.conf file. This file is located in the /etc/squid directory on most Linux systems. Once you’ve opened the file in a text editor, you’ll need to locate the following line:
http_port 3128
If you need to change the Squid port, you can simply edit this line and enter the new port number. For example, if you want to use port 8080, you would enter:
http_port 8080
Once you’ve made the change, save the file and restart Squid.
Note: You can also configure Squid as transparrent proxy server by adding transparent keyword with the port like
http_port 8080 transparent
. - Configuring Firewall Rules
In order to use Squid, you will need to enable it in the Ubuntu firewall. You can do this by running the following command:
- UFW Users:
sudo ufw allow 8080
- FirewallD Users:
sudo firewall-cmd --permanent --zone=public --add-port=3128/tcp
sudo firewall-cmd –reload
This command will allow traffic on port 8080, which is the port that Squid listens on.
- UFW Users:
- Configure Proxy Authentication in Squid
You can also insist users to authenticate proxy to use. This helps you to prevent unauthorized access to the proxy server. This forces users to authenticate to use the proxy.
- First, install apache2-utils package, that provides htpasswd command.
sudo apt-get install apache2-utils -y
- Create a new file to contain username and password. Also change ownership to the Squid user proxy:
sudo touch /etc/squid/secure_passwd
sudo chown proxy: /etc/squid/secure_passwd
- Create a new user with following commnad:
sudo htpasswd /etc/squid/secure_passwd tecadmin
The system will prompt you to enter and confirm a password for “tecadmin” user.
- Edit the /etc/squid/squid.conf file, and add the following configuration:
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/secure_passwd auth_param basic children 5 auth_param basic realm Squid Basic Authentication auth_param basic credentialsttl 2 hours acl auth_users proxy_auth REQUIRED http_access allow auth_users
- Restart Squid service.
- First, install apache2-utils package, that provides htpasswd command.
- Create ACL to Block Websites
You can block any website by its domain name. To do the following:
- Create a new file /etc/squid/blocked_websites.acl and edit in a text editor. You can choose any name of your choice.
sudo nano /etc/squid/blocked_websites.acl
- In this file, add the domain names one per line to be blocked. You can start the domain name with a dot (.) to blcok subdomains as well.
.yahoo.com .facebook.com
- Edit the /etc/squid/squid.conf file again.
sudo nano /etc/squid/squid.conf
- Add the following lines just before the ACL list.
acl blocked_websites dstdomain “/etc/squid/blocked.acl” http_access deny blocked_websites
Save changes and restart Squid service.
- Create a new file /etc/squid/blocked_websites.acl and edit in a text editor. You can choose any name of your choice.
Conclusion
In this article, we will go over the steps on how to install a Squid proxy server on an Ubuntu server. We will also cover some basic configurations that can be made to Squid once it is installed. By the end of this article, you should have a working installation of the Squid proxy server on your Ubuntu server.
The post How to Setup Squid Proxy Server on Ubuntu and Debian appeared first on TecAdmin.
Discover more from Ubuntu-Server.com
Subscribe to get the latest posts sent to your email.