If you would like to read what are proxy servers and how they can benefit you, please refer: Click
If you would like to buy a VPS to make your own Proxy Server along with this tutorial check out: Click
Squid Proxy
Little introduction about the proxy of the article:
“Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows, and is licensed under the GNU GPL.”
It is very mature, quick, and flexible. That is why it is one of the most widespread web proxies. It is predominantly used in large environments, such as universities and large corporates.
But it could be just as useful for small businesses and even to an individual user.
Install Proxy Server: Squid Proxy
Step 1: Update the server
yum -y updateStep 2: Install squid
yum -y install squidStep 3: Start and enable squid server.
systemctl start squid
systemctl enable squidStep 4: Check the status of squid server.
systemctl status squidConfigure Proxy Server: Squid Proxy
The configurations for your Squid server are stored in the /etc/squid/squid.conf file
Configure your Network To Route through your Proxy to the access Internet
You have to add the IP or the IP ranges which will be making contact with your Proxy Server and then the Proxy server will act as a gateway for only those IP(s)
You have to add the IP or the IP ranges which will be making contact with your Proxy Server and then the Proxy server will act as a gateway for only those IP(s)
You can add a source IP range with an ACL using the following format.
acl localnet src <IP>Edit the configuration file /etc/squid/squid.conf. Add the source IP(s) as shown below.
Restart the proxy server after making the ACL changes.
systemctl restart squidTest proxy Server Connectivity
Test if the proxy server is working using a simple curl request. Use the following curl format. By default, squid proxy runs on 3128 port.
curl -x http://<squid-proxy-server-IP>:3128 -L http://virtono.com
Configure Proxy Authentication
As an addon to ACL, you should also add a basic authentication to your proxy server for extra security. The steps to do this are as follows:
Step 1: On your Squid server install httpd-tools
yum -y install httpd-toolsStep 2: Create an empty passwd file
touch /etc/squid/passwd Step 3 : Change the owner of the file
chown squid /etc/squid/passwdStep 3: Add squid to the password file using htpasswd utility.
You will be asked for a password, use a strong one, and don’t forget to store it. This username and password will be used for all connections through this proxy.
htpasswd /etc/squid/passwd squid
Step 4: Open squid config file.
vi /etc/squid/squid.confAdd the following to the config file and save it.
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic credentialsttl 2 hours
auth_param basic utf8 on
auth_param basic realm Please enter your credentials for the Proxy Server!
auth_param basic casesensitive on
acl auth_access proxy_auth REQUIRED
http_access allow auth_access
Step 5: Now, restart squid server for the configuration changes to take place.
sudo systemctl restart squid
Step 6: Now if you test the proxy connection using curl, you will get the “authentication required message” as shown below.
Now, test the connectivity with proxy user and password we configured in step 3. An example syntax is shown below.
curl -x http://35.196.101.43:3128 --proxy-user squid:thisIsPassword -I http://virtono.com
With username and password, your proxy request should go through.
Blocking Websites
Another great use of the proxy server is restricting the website access. Follow the steps below for creating a block list.
Step 1: Open a blocked list file.
vi /etc/squid/blocked_sitesAdd the websites to be blocked in the file. For example,
facebook.com
instagram.com
Step 2: Open the squid config file.
vi /etc/squid/squid.confAdd the following to the ACL list.
acl blocked_sites dstdomain "/etc/squid/blocked_sites"http_access deny blocked_sites
Step 3: Restart the squid server.
systemctl restart squidNow if you try to access the blocked site through the proxy, you will get a forbidden message.
Uninstall Squid Proxy Server
In case if you would want to remove squid from your server just use the yum remove command as below.
yum remove squid
You will be prompted once to ask for confirmation.
3 Comments
Ezeelogin · May 19, 2022 at 10:11 AM
Thank you, good tutorial. I’m learning Linux it is very helpful tutorial.
james faded · February 28, 2024 at 1:40 AM
Please help, Everytime I Install it on centos 7 the server go down !!??
The Proxy Server, What, Why and How – Virtono Community · June 16, 2020 at 4:23 PM
[…] If you just want to jump to configuring a proxy server here is the How. […]