Linux Applications

How to Install and Setup Squid Proxy Server on Your Linux Server?

Squid proxy is a web proxy application that can be installed and set up on Linux and other Unix-like operating systems. It is used to increase web browsing speed by caching the websiteā€™s data, controlling web traffic, security, and DNS lookups. The squid proxy server acts as an intermediate between the client (web browsers, etc.) and the internet. It is compatible with web protocols HTTP and HTTPS, as well as other protocols like FTP, WAIS, etc.

How to Install Squid Proxy?

To install squid proxy on Linux, first, update the system packages by executing the following command:

ubuntu@ubuntu:~$ sudoĀ  aptĀ  update

Once you have updated your system, you can install squid proxy by typing this command:

ubuntu@ubuntu:~$ sudo apt -y install squid

Squid proxy will be installed. To start and see the status of Squid proxy, execute these commands:

ubuntu@ubuntu:~$ sudo service squid start
ubuntu@ubuntu:~$ sudo service squid status

Configuration for Your Web Browser

Before you make any changes to the squid configuration file, you have to change some settings in your web browser. So, open your web browser and open ā€œnetwork settingsā€, then proceed to ā€œproxy settingsā€. Click on the ā€œmanual proxyā€ configuration, then write the IP_Address of your squid proxy server in the HTTP proxy bar and port no (by default, squid proxy port is 3128). Now, the squid proxy will go through your IP_Address. You can check it by typing any URL in your web browser; it will give you an error saying access denied, and to allow the access, we have to make changes in the squid configuration file.

Squid Proxy Configuration

You can access the squid configuration file in the directory ā€œetc/squid/squid.confā€.

ubuntu@ubuntu:~$ cdĀ  etc/squid/squid.conf

Make a copy of the ā€œsquid.confā€ file as a backup file if we want to make changes to the ā€œsquid.confā€ file.

ubuntu@ubuntu:~$ cpĀ  etc/squid/squid.confĀ Ā  etc/squid/backup.conf

Now that a copy has been made as a backup file, we can make changes in the ā€œsquid.confā€ file.

To open ā€œsquid.confā€ file in vim, type this command:

ubuntu@ubuntu:~$ sudo vim /etc/squid/squid.conf

Go to the line http_access deny all.

Change it to:

http_access allow all

Now, check your web browser again, type any URL, and it should be working.

ACL (Access Control List)

There is another case used in squid proxy that allows you to also control the access to different websites (web traffic) by either allowing or blocking them. To do so, go to the line ā€œacl CONNECT method CONNECTā€.

And below this line, write the ACL (access control list) to block the websites you want.

acl block_websites dstdomain .facebook.com .youtube.com .etc.com

Then deny the statement.

http_access deny block_websites

Save the changes, and to check whether your blocked websites are blocked or not, restart your squid service and verify the URL in your web browser.

ubuntu@ubuntu:~$ sudo service squid restart

You can also block a user from downloading specific files like audio and video files using ACL.

aclĀ  media_filesĀ  urlpath_regex -iĀ  \.(mp3|mp4|FLV|AVI|MKV)

It will prevent the user from downloading audio or video files with extensions like mp3, mp4, FLV, etc. Add any file extension you want to prevent from downloading. Now, below this line, write the deny statement.

http_access deny media_files

The media files will then be blocked from downloading.

Caching Web Pages

Proxy servers are also used for boosting the network performance by loading the web page faster by caching the websiteā€™s data. You can also change the directory location where cached data should be stored. Moreover, you can also change the cache file size and no. of directories in which data would be saved.

To make changes, open ā€œsquid.confā€ file and go to the following line:

#chache_dir ufs /opt/squid/var/cache/squid 100 16 256

This line will be commented by default, so uncomment this line by removing the # sign.

In the above line, there is a phrase ā€œ100 16 256ā€. The 100 shows the size of the cache file, and you may change it to any size like 300. 16 shows the number of directories in which the cache file is saved. 256 shows the no. of subdirectories.

chache_dir ufs /opt/squid/var/cache/squid 300 20 260

You can also change the size of the cache file by adding the following line in the ā€œsquid.confā€ file:

cache_mem 300 MB

If you want to change the path of the cache file directory, type the following command:

ubuntu@ubuntu:~$ sudo mkdir -p /path/where/you/want/to/place/file

To change the ownership of the cache directory to squid proxy, you have to execute this command:

ubuntu@ubuntu:~$ sudo chown -R proxy:proxy /path/where/you/want /to/place/file

Now, stop the squid service using this command:

ubuntu@ubuntu:~$ sudo service squid stop

And then run the command with this command:

ubuntu@ubuntu:~$ sudo squid -z

It will make the missing cache directories in the new cache directory.

Now, start the squid service again using the command below:

ubuntu@ubuntu:~$ sudo service squid start

Conclusion

We have discussed how to install and configure Squid proxy. It is very simple and easy to use and has vast applications. Squid proxy is a very good tool that can be used in organizations or by small internet service providers to control web traffic and internet access. It boosts web browsing speed and provides security mechanisms for web traffic.

About the author

Usama Azad

A security enthusiast who loves Terminal and Open Source. My area of expertise is Python, Linux (Debian), Bash, Penetration testing, and Firewalls. Iā€™m born and raised in Wazirabad, Pakistan and currently doing Undergraduation from National University of Science and Technology (NUST). On Twitter i go by @UsamaAzad14