Settings up Squid proxy server
Looking for a proxy server app that can be rapidly deployed on Linux?
Installing Squid on your low end box can provide your organization with a robust proxy server that can facilitate a secure Internet connection for your end users. Squid can also provide logging, access control and antivirus capabilities though such features are outside of the scope of this tutorial.
3 Simple Reasons to Install Squid
A proxy server facilitates and centralizes Internet traffic for your network. When you require your end users to connect to a corporate proxy server, you can:
• Monitor bandwidth and usage
• Provide Content Filtering
• Ensure That Connections are Encrypted
Another added benefit of using a VPS as a proxy server is the speed provided by the app. Since Squid is lightweight, a low end box could easily become a proxy server for a small to medium sized business.
So, let’s get started!
How to Setup Squid on Ubuntu
Ready to start setting up Squid as a proxy server? Here is a few things you need to know before beginning your installation of Squid on a Debian or Ubuntu VPS.
Step 1 – Spin up your VPS and Login with Putty
Configure an SSH connection to your box with administrative privileges.
Step 2 – Install Squid
Squid can be found in Ubuntu repositories. The following commands must be run in order to make sure that you have up to date system before installing Squid. At the command line interface, type:
sudo apt-get upgrade
sudo apt-get update
sudo apt-get install squid
Tip: Copy the original file that would serve as a backup
sudo cp /etc/squid3/squid.conf.default
Step 3 – Setup Access Restrictions
A rookie mistake is to leave your new proxy server open to anonymous authentication.
The best way to secure your server is to register a free dynamic DNS from a provider like dynu.com. You can restrict access to your server by creating a white list for your organizations IP address with this service.
Step 4 – Configure Squid Proxy
The Squad configuration must first be edited.
Append this file: /etc/squid3/squid.conf
http_access allow client
acl client src 220.127.116.11# Home IP
Replace the word “client” with the hostname that identifies your hostname. Replace the 18.104.22.168 with the IP address of your remote site.
You may have to repeat this step to provide secured access to your dynamic DNS service. Instead of using src, you could use srcdomain and use the hostname of your dynamic DNS service to provide access.
Step 5 – Restart Squid and Check Connectivity
After these settings are applied, restart Squid by typing:
service squid3 start
Try to ping the server or connect to it from your remote network.
Step 6 – Add the Proxy Into Your Browsers
If you have a Windows environment, you may want to issue a group policy object that requires your Internet browsers to use the IP address and ports that you’ve designated for Squid.
Note: Squid uses port 3128 by default.
Step 7 – Test Connectivity
Go to Google and type, what is my IP address? The answer is often displayed on the search engine result page. If all went well, you should receive the IP address of your low end box and not the IP address of your ISP.
This will be the first in a series of additional tutorials written by the staff at ColoCrossing. Be gentle, we’re new to the blogging thing. :)