Ubuntu Squid proxy server Configuration

Install Squid Proxy on Ubuntu

1.pngSquid is a popular proxy and caching server application. It primarily serves as a forward proxy, but can also be used as a reverse proxy. Squid provides many features and is often used on enterprise-level networks.

This tutorial will show you how to setup a simple HTTP proxy with authentication using Squid. Steps listed in this tutorial were tested on Ubuntu 15.04 and 15.10.

WARNING: You must be very careful when creating proxies. Hackers frequently scan the public internet for open proxies use them for malicious activities. Most hosting companies will suspend your instances if you receive too many complaints, so ensure that you use sufficient authentication, such as a strong password.

This tutorial assumes that you are using a freshly created VPS with no installed packages.

Installation

First, ensure that the apt-get package library is up-to-date by running the command below. This will ensure that the latest packages have been installed.

$ apt-get update

Once this has completed, it is time to install the squid application and htpasswd. Run the following command using sudo to install both packages.

$ sudo apt-get install squid apache2-utils

After the Squid install completes, I suggest that you create a copy of the original config file created during the install as it is a helpful reference and allows you to rollback any changes.

$ sudo mv /etc/squid3/squid.conf /etc/squid3/squid.conf.default

Next, create the files needed by Squid to store the credentials of the proxy accounts.

$ sudo touch /etc/squid3/squid_passwd $ sudo chown proxy /etc/squid3/squid_passwd

Configuration

Open the squid config file for editing using a text editor, such as nano.

$ sudo nano /etc/squid3/squid.conf

Add the following lines to the file so that authenticated users can connect to the proxy.

auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid3/squid_passwd auth_param basic realm proxy acl authenticated proxy_auth REQUIRED http_access allow authenticated

In addition, to hide the IP of the person connecting to the proxy from being shown in HTTP headers, add the following lines under the ones above.

forwarded_for off request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all

2.pngYour Squid config file should now look something like this:

To create users on your proxy, execute the following command, replacing youruser with your desired user name. It will request the password twice.

$ sudo htpasswd /etc/squid3/squid_passwd youruser

You may create additional users in the same manner.

Save and close the file using Control + O and Control + X.

Restart the Squid service.

$ sudo service squid3 restart

Using your proxy

Now that Squid is setup, you can use it as a forwarding proxy. Configure the "internet settings" of your web browser to use your proxy, including the user name and password that you generated earlier. To verify that the proxy is working, visit an IP address detection site, like this one.

Source: www.vultr.com


Related posts:

  1. Squid proxy server Software
  2. Squid proxy server Configuration in Linux
  3. Linux proxy server Configuration
  4. Ubuntu Socks proxy server
  5. Windows proxy server Configuration