How To Install Squid Proxy Server On CentOS 7

Update CentOS Software Repositories

sudo yum -y update

Install Squid Package on CentOS

yum -y install squid

To start Squid enter the following command:

systemctl start squid

Automatic start at boot set up :

systemctl enable squid

see the status of the service,by typing:

systemctl status squid

as you see in below, the state is ‘Active.’

Configuring the Squid Proxy Server

 /etc/squid/squid.conf is the Squid configuration file

1-In your text editor open it (we use vim in here):

sudo vi /etc/squid/squid.conf

2- find the http_port option. Usually, this is set to listen on Port 3218 that carries TCP traffic. If TCP traffic is not in this port, change it here:

To prevent Squid from modifying your requests and responses set proxy mode to transparent.

Change it as below:

http_port 1234 transparent

3.find the http_acacess deny all option.

As you see in below it is currently configured to block all HTTP traffic,then no web traffic is allowed.

with this code change it:

http_access allow all

4. Enter below code to Restart the Squid service :

sudo systemctl restart squid

Configure Squid Client

The Squid proxy server has been set up. Switch to your client computer and open your web browser to configure the client server.

If you’re using Firefox, the proxy settings are located at:

Menu > Options > Network Settings > Settings

Manual proxy configuration is selected as a radio button.

Using the IP address of the device that your Squid proxy is hosted on.

Visit https://whatismyipaddress.com/ip-lookup to test it. The proxy server’s IP address appears as your IP address.

Create an Access Control List (ACL)

You must configure the Access Control Lists(ACL) for connections outside the proxy server’s local network. If you receive a ‘refused to connect’ error, you may need to do this.

Simply add a new ACL entry to your list of safe ports to solve this problem.

Note: save and exit after these steps, then restart the Squid service to apply the changes.

Once more, edit the /etc/squid/squid.conf file. Add a new line like this:

acl localnet src 192.166.0.10

This will establish a rule that allows only this IP address’s device to bind.

To define the law, add a comment to the section. Squid ignores text after the # tag.

acl localnet src 192.166.0.10 # test computer

You may define an IP address set like this:

acl localnet src 192.166.0.10/30

Open Squid Proxy Ports

Add the following to open a particular port:

acl Safe_ports port 123 # Custom port

Restart Squid to save your changes:

systemctl restart squid

Set Up Proxy Authentication

Squid supports a variety of authentication methods in addition to simple authentication.

To start, run the following command to install httpd-tools:

yum -y install httpd-tools

Build a new file with the tool installed:

touch /etc/squid/passwd && chown squid /etc/squid/passwd

Use the following command to generate a password:

htpasswd /etc/squid/passwd newuser

Replace the word ‘newuser’ with your own user name.

For ‘newuser,’ the device will ask you to enter and validate a password.

Reopen your browser and restart the proxy service by typing:

systemctl restart squid

Add the following command lines to the /etc/squid/squid.conf file:

auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5 
auth_param basic realm Squid Basic Authentication auth_param basic credentialsttl 2 hours
acl auth_users proxy_auth REQUIRED
http_access allow auth_users

When you connect to the Linux proxy server from now on, you’ll be asked for your username and password. An error message will be shown to someone who is not authenticated.

Block Websites with Squid Proxy

1-Enter the following into a new text file called /etc/squid/blocked.acl:

sudo vi /etc/squid/blocked.acl

2-Add the websites to be blocked to this file, beginning with a dot:

.facebook.com

The dot means that all subsites of the main site should be blocked.

3-Reopen the file /etc/squid/squid.conf:

sudo vi /etc/squid/squid.conf

4-Just above your ACL list, add the following lines:

acl blocked_websites dstdomain “/etc/squid/blocked.acl” http_access deny blocked_websites 

Through its unique caching capacity, Squid reduces processing time and streamlines bandwidth usage. Your server’s accelerator mode allows it to run at a breakneck pace. It greatly improves the efficiency of your network, giving your device a competitive advantage.

How To Install Squid Proxy Server On CentOS 7

Leave a Reply

Your email address will not be published. Required fields are marked *