If you’re a sysadmin I probably don’t have to explain much about what a proxy is. However, I’m aware that not everyone handles these concepts so easily. So, a proxy is a device in computer science that performs the role of intermediary. For example, Internet access is full of Proxys where through it is that requests are made. Fortunately, in Linux, we have the fabulous Squid Proxy.

Squid Proxy is a veteran program that allows you to have a proxy server running on your system. It is one of the most popular applications in the entire Unix ecosystem. Obviously, it’s open source, which guarantees you won’t have license problems or anything similar. In addition, there is a large community of users willing to shield knowledge to this tool.

Some of its characteristics are:

• Open Source. Squid Proxy is distributed under the GPL license. Vital to have no licensing problems and be used in virtually any project.
• It specializes in Unix systems such as Linux.
• Being a proxy cache supports HTTP, HTTPS, and FTP. Basic internet services.
• SSL compatible to increase connection security.

And many others that have given the role of being practically a standard for Linux.

1. Install Squid Proxy

In this tutorial, I will use a server with Ubuntu 18.04. But, Squid Proxy can be easily installed on many Linux distributions. So, in Ubuntu, the installation process is really simple.

:~$ sudo apt install squid

Next, start, enable and check the service status.

:~$ sudo systemctl start squid
:~$ sudo systemctl enable squid
:~$ sudo systemctl status squid

And that’s. So, let’s configure it.

2.- Changing the Squid Proxy port

By default, Squid uses port 3128. For security reasons it is recommended to change the port where it works. So if you can, do it.

To do it, edit the /etc/squid/squid.conf file and change the port.

:~$ sudo nano /etc/squid/squid.conf

Then, restart the service.

:~$ sudo systemctl restart squid

3. Setting some configurations

Now let’s do some basic configurations with Squid. Remember that its use is very wide and varies according to the server requirements.

First, I don’t think you want to, but you can allow or deny all HTTP traffic. This will remove Internet access from your entire network. So let’s go.

Edit the /etc/squid/squid.conf file. Remove the # at the beginning of the line to set the desired parameter.

:~$ sudo nano /etc/quid/quid.conf

You can also define which websites you want to remove access to. Very useful in organizations and at work.

In this case, I will use two websites. You can add what you want.

acl blocksite1 dstdomain espn.com
acl blocksite2 dstdomain apple.com
http_access deny blocksite1
http_access deny blocksite2

However, if you have a lot of places to block. Ideally, create a blacklist and add it to the configuration file. Create a file /etc/squid/blocked.lst.

:~$ sudo nano /etc/squid/blocked.lst

Now, edit the configuration file and add the list.

acl blocksitelist dstdomain "/etc/squid/blocked.lst"
http_access deny blocksitelist

Another way to block inappropriate sites in the organization is through keywords. Very useful if you don’t remember all the sites to restrict but you will block all those related to it.

acl blockkeyword1 url_regex gmail
acl blockkeyword2 url_regex porn
http_access deny blockkeyword1
http_access deny blockkeyword2

Or if you have a pretty extensive list, you can create a file and place them there. Then you add it to the configuration file. Similar to how it was done with domains.

:~$ sudo nano /etc/squid/blockedkw.lst

acl blockkeywordlist url_regex "/etc/squid/blockedkw.lst"
http_access deny blockkeywordlist

Now, go to the squid configuration file and add the list.

For all these changes to take effect, it is necessary to restart the Squid service.

:~$ sudo systemctl restart squid

And that’s it.

Conclusion

It’s true that Squid Proxy offers a lot of possibilities. However, today I have presented some basic options but very useful at the time of configuring it. It only remains for you to continue using and enjoying this tool.

You can also read “How to Install and Use Pacaur on Arch Linux“.

Please share this post with your friends.