Install and configure Squid Proxy server on Ubuntu

Squid – one of the popular and free web proxy software for linux distributions. It comes under GPL license and compatible with most of the linux flavours like Ubuntu, CentOS, Redhat, Debian, etc.  Squid has many features like caching for fast web browsing, filtering the content/urls, scheduled browsing, blacklist and whitelists, blah, blah, blah.  squid supports ftp, http, https and couple more common network protocols.

Install Squid Proxy server Ubuntu

Here we go, lets install the squid proxy server ubuntu. After installing verify the package is installed properly. I got the squid3 version 3.3.8-1ubuntu8.1 installed on my Ubuntu 14.10 server. (All the configurations here will be based on the mentioned squid3 version)

sreekanth@DigitPAGE:~$ sudo apt-get install squid3

Configure Squid Proxy server Ubuntu

Before start editing squid.conf file, its always a best practice to take a backup of squid’s main configuration file. Helpful for a reference and emergency restore.

sreekanth@DigitPAGE:~$ sudo cp /etc/squid3/squid.conf /etc/squid3/squid.conf.backup

Now open and edit the squid configuration file located as /etc/squid3/squid.conf

sreekanth@DigitPAGE:~$ sudo vim /etc/squid3/squid.conf

Ceate a new Access control list (ACL) with your internal ip range called “mylan” and allow web browsing for that “mylan” acl. Go to the 919th line of the squid.conf and add a new line as follows. (allowing web browsing to the LAN ip range 192.168.1.1 to 192.168.1.255)

acl mylan src 192.168.1.0/24

Now go to the 1058th line and add a new line as follows. Allowing http/https web browsing to the mylan access list.

http_access allow mylan

Go to the 4445th line of squid.conf and add the 4 lines exactly as follows.

request_header_access Referer deny all
request_header_access X-Forwarded-For deny all
request_header_access Via deny all
request_header_access Cache-Control deny all

Now go to the 4761st line of squid.conf and add a visible hostname for your squid proxy server ubuntu (edit to your own friendly hostname)

visible_hostname digitpage.com

Now save the squid.conf file  and restart the squid service on the ubuntu server.

sreekanth@DigitPAGE:~$ sudo service squid restart                             (available options: start, status, stop, restart)

by default squid proxy server use the TCP port 3128. Open that port if the proxy server is befind any firewall.

Tags: ,