SnapShooter Learning Center

How to Install and Setup Squid Proxy on Ubuntu 20.04

How to Install and Setup Squid Proxy on Ubuntu 20.04

Simon Bennett]
Simon Bennett
Last Updated: Oct 27, 2021
Table of Contents

# Introduction

Squid is a free and open-source proxy caching server that offers proxy and caching services for HTTP, HTTPS and FTP protocol. It will improve your web server performance by caching the stored requests and accessing the restricted content. Squid is also used to hide your identity and block specific websites based on a word, domain and URLs. It can be used as a gateway between server and client machines, and filter internet traffic.

Features

  • Speed up content delivery and response time.
  • Reduce the bandwidth.
  • Implement network access policies.
  • Filter the outbound content.
  • Distribute load between multiple servers.

In this guide, we will show you how to set up a Squid Proxy server on Ubuntu 290.04.


# Requirements

  • A server running Debian 11 operating system.
  • A root password is set up on your server.

# Install Squid Proxy

First, open your command-line interface and install the Squid Proxy package by running the following command:

apt-get install squid -y

Once the installation is complete, start the Squid proxy service and enable it to start at system reboot:

systemctl start squid
systemctl enable squid

Now, verify the Squid Proxy server status using the command below:

systemctl status squid

You will get the following output:

● squid.service - Squid Web Proxy Server
 Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset: enabled)
 Active: active (running) since Tue 2021-10-26 14:14:54 UTC; 1min 20s ago
   Docs: man:squid(8)
 Main PID: 1277 (squid)
  Tasks: 4 (limit: 2353)
 Memory: 16.1M
 CGroup: /system.slice/squid.service
         β”œβ”€1277 /usr/sbin/squid -sYC
         β”œβ”€1279 (squid-1) --kid squid-1 -sYC
         β”œβ”€1297 (logfile-daemon) /var/log/squid/access.log
         └─1300 (pinger)

Oct 26 14:14:54 ubuntu2004 squid[1279]: Max Swap size: 0 KB
Oct 26 14:14:54 ubuntu2004 squid[1279]: Using Least Load store dir selection
Oct 26 14:14:54 ubuntu2004 squid[1279]: Set Current Directory to /var/spool/squid
Oct 26 14:14:54 ubuntu2004 squid[1279]: Finished loading MIME types and icons.

To verify the Squid Proxy version, run the following command:

squid -v

You will get the following output:

Squid Cache: Version 4.10
Service Name: squid
Ubuntu linux

By default, Squid Proxy listens on port 3128. You can check it using the following command:

ss -antpl | grep squid

You should see the following output:

LISTEN    0         256                      *:3128                   *:*        users:    (("squid",pid=1279,fd=12))                                               

# Configure Squid Client Authentication

First, we will configure Squid to allow users to authenticate before using the proxy. To do so, you will need to enable basic HTTP authentication in the Squid configuration file.

First, you will need to install apache2-utils package to create a user for authentication.

apt-get install apache2-utils -y

Next, create a user named user1 and set a password using the following command:

htpasswd -c /etc/squid/htpasswd user1

You can set a password as shown below:

New password: 
Re-type new password: 
Adding password for user user1

Next, verify the generated password using the following command:

cat /etc/squid/htpasswd

You will get the following output:

user1:$apr1$zX/dCXfk$HVXEEudWG/UZudhwWCIl60

Next, edit the Squid configuration file and enable the basic authentication.

nano /etc/squid/squid.conf

Add the following lines at the beginning of the file:

auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/htpasswd
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

Save and close the file then restart the Squid service to apply the changes:

systemctl restart squid

# Configure Squid to Control Internet Usage

You can configure Squid Proxy to control internet usage based on the various rules. Squid allows you to block websites based on the domain, URLs and keywords.

To block a website, you will need to edit the Squid configuration file and add an ACL:

nano /etc/squid/squid.conf

Add the following rules at the beginning of the file:

acl block_web dstdomain "/etc/squid/denyweb.txt"
http_access deny block_web

Save and close the file then create a file named denyweb.txt:

nano /etc/squid/denyweb.txt

Add all websites that you want to block:

.linkedin.com
.google.com
.youtube.com

Save and close the file when you are finished.

If you want to block a website based on keywords, edit the Squid configuration file and add an ACL:

nano /etc/squid/squid.conf

Add the following line:

acl blockurl url_regex -i "/etc/squid/urls.txt"
http_access deny blockurl

Save and close the file.

Next, create a file named urls.txt and add all keywords that you want to block:

nano /etc/squid/urls.txt

Add the following keywords:

facebook
yahoo
badword

Save and close the file when you are finished. Then, restart the Squid service to apply the changes:

systemctl restart squid

At this point, Squid Server is installed and configured. Now, you will need to configure the Client machine to use the Squid Proxy.


# Configure Client to Use the Squid Proxy

On the client machine, open the Firefox web browser, click on Edit => Preferences as shown below:

Firefox Preferences

Now, scroll down and click on the Network Settings => Settings. You should see the following screen:

Firefox Network Settings

Now, select Manual proxy configuration, provide your Squid proxy server IP address, port and click on the OK button.

Now, type the URL https://www.wizcase.com/tools/whats-my-ip in your web browser. You will be asked to provide your Proxy username and password as shown below:

Squid Password Prompt

Provide your username, password and click on the OK button to authenticate the Squid proxy server. You will get the following page:

Display Squid IP

On the above page, you can see the IP address of the Squid proxy server. This confirms that you are surfing the web using your proxy server.

Now, try to access google.com. You should see the following page with a message "The proxy server is refusing connections":

Squid Blocks Google.com


# Conclusion

In the above post, we explained how to install the Squid Proxy server on Ubuntu 20.04. We also set up a basic client authentication and add some ACLs to block the websites based on domain and keywords. You can now implement the Squid proxy server in your local network to control internet usage.


Did you find this article helpful?