Setting Up Your Own Squid Proxy

squid tutorial 2
  • 749 views
  • 11 March, 2018

Squid is an open-sourced web proxy cache server under GNU General Public License 3 (GPL 3) that can be utilized in various ways like:

  • Provide proxy and cache services for network protocols like File Transfer Protocol (FTP) and Hyper Text Transport Protocol (HTTP).
  • Filter traffic and network protocols.
  • Cache DNS lookups.
  • Fasten the loading of various websites.

Used by a large number of internet providers in the world, Squid can run on a host of operating systems. In this article, you'll learn how to set up the Squid proxy server so that you can be able to create your own proxies.

Step 1: Getting Your Server Ready

Connect to your Ubuntu server and use your Sudo or Root User credentials to log in to your system.

ssh root@your_server_ip

The next step is to create an alternative user account that has to be associated with a reduced scope of influence.

# adduser jake

The account password will be required at this stage and a few other questions will be asked. Additional information will be required but this part is optional.

Next, let this user enable root user privileges thereby adding it to the sudoers' group.

# usermod -aG sudo jake

With superuser privileges, you can now be able to run commands using sudo commands.

After doing this, update your system software for security patches and new version updates by making use of the command below.

# sudo apt-get update && sudo apt-get -y upgrade

You can then proceed to the next stage as soon as your system has all the updates and security patches.

Step 2: Installing Squid

The command below should be run to install squid on your system as depicted.

squid tutorial 1

# sudo apt-get install squid

To continue installing the squid package, type ‘Y’ for yes and press ‘Enter’.

Step 3: Configuring Your Squid Proxy Server

Squid's default configuration file is under ‘/etc/squid/squid.conf’ where some configuration directives have to be followed through so that it can affect Squid's behavior.

Before editing the configuration file, it is preferable to backup the original file so it can be possible to revert any changes that go wrong.

# cp /etc/squid/squid.conf /etc/squid/squid.conf.org

The next step is to enable access to HTTP's proxy server from all IP addresses. This can be done by editing the ‘http_access’ directive.

http_access allow all

After saving and closing the configuration file, restart the squid server service so that the changes can take effect.

Step 4: Making Use Of Squid As An HTTP Proxy

To add a new ACL to the configuration file, open it on any editor.

# vim /etc/squid/squid.conf

acl k_vm src 111.11.11.11  # Your Servers IP  http_access allow k_vm

You can always replace “k_vm” and “111.11.11.11” with your own IP and Hostname.

Use ‘:wq!’ to close the configuration file and use the command below to restart the squid service.

# systemctl restart squid

squid tutorial 2

Step 5: Basic User And Password Authentication

We'll use “ncsa_auth” for this exercise.

To add the following line, open the squid configuration file

# vim /etc/squid/squid.conf

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwd

auth_param basic realm proxy

acl authenticated proxy_auth REQUIRED

http_access allow authenticated

After saving and closing the file, run the command below to create an empty file that would be used to store squid credentials.

#touch /etc/squid/passwd

The next command will be used to create a password that will be used to access the squid proxy server.

# htpasswd -c /etc/squid/passwd jake

Restart your squid service for it to take effect.

# systemctl restart squid

squid tutorial 3

The username and password will be used to authenticate a pop up that will show on your browser after entering the IP address of your squid proxy server.

Step 6: IP Whitelisting From Authentication

To do this, we need to configure ACLs that match the important IPs and use them with http_access directive. To allow an IP address connect to the Squid proxy, open the squid configuration file and add the following line

# vim /etc/squid/squid.conf

# Allowed clients  acl white_list src xx.xx.xx.xx  http_access allow white_list  http_access deny all

After saving and closing the file, add the following lines in ‘squid.conf’.

acl allowed_ips src “/etc/squid/allowed_ips.txt”

http_access allow allowed_ips

After saving and closing the file, restart the squid service to make the whitelisted IPs work.

# systemctl restart squid

 login squid

Conclusion

This article should be helpful to people looking to set up Squid proxy server and at the end of this, I hope everyone will be able to effectively use Squid for caching.

No comment yet, add your voice below!


Add a Comment

Your email address will not be published. Required fields are marked *

Comment *

Name *
Email *
Website