Install And Configure Squid Proxy Server On Centos 7

In this blog post , We will learn to install and configure squid proxy Server on Centos 7.

What Is Squid Proxy Server?

  • Squid is a caching and forwarding HTTP web proxy.
  • It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources, and aiding security by filtering traffic.
  • Squid has extensive access controls which makes great server accelerator.

Why Should I Use Squid?

For Websites :

It helps in scaling applications without huge investment in hardware and development.

The most frequently accessed contents are cached by squid and serves to the end-users within fraction of seconds.

For Content delivery providers :

To help distribute the content and the streaming the media’s worldwide.

For Internet Service providers :

Squid helps ISP’s to save their bandwidth by caching the content and the users will see the content at faster speed as the more frequent content are already cached.

Installing Squid On Centos

Make sure you have sudo or root privileges to execute the following commands.

Also Ensure that you are using the repository with the latest package versions.

Run the below command to update the software package repository,

yum update -y

To install the squid , Run the below command.

yum install squid -y

Start the squid service using the below command.

systemctl start squid

Enable the service to automatically start on system boot up,

systemctl enable squid

Check the status of squid using the below command,

systemctl status squid

The squid files are stored under the following directries.

The squid configuration file (squid.conf) is stored under /etc/squid folder.

The squid access log (access.log) is stored under /var/log/squid folder

The squid cache log (cache.log) is stored under /var/log/squid folder

Be default squid is configured to listen on port 3128.

Running Squid On Different Port

By default , squid proxy server runs on the port 3128.You can also change this port if required.

To setup a custom port for squid proxy server , Open /etc/squid/squid.conf

sudo vi /etc/squid/squid.conf

and change the http_port value with a new port.

install and configure squid

Once modified , Save and close the file.We need to restart the squid service.

sudo systemctl restart squid

Now Run the below command and you can see that the squid service is running on the different port as you configured.

sudo netstat -nltp |grep squid

Allowing Traffic From Squid

Sometimes We may need to allow all the traffic on the squid proxy server , For that we need make configurations changes on the squid.

Open the /etc/squid/squid.conf file and then http_access

We need to uncomment http_access allow all and then comment http_access deny all , as shown below in the image.

install and configure squid

Once done , Save and close the file and restart the squid proxy server for the changes to take effect.

Blocking Websites Using Squid Proxy Server

Sometimes you may want to block certain websites / domains and restrict users from accessing it.

Lets see how to configure squid proxy server to block domains.

For example : We will block domains such as facebook.com and youtube.com

We need to edit /etc/squid/squid.conf file.

Open /etc/squid/squid.conf file and then add the below lines before http_access allow all line as shown below.

acl blocksite1 dstdomain www.facebook.com
acl blocksite2 dstdomain www.youtube.com
http_access deny blocksite1
http_access deny blocksite2
install and configure squid

Save and close the file and then restart squid proxy server.

If you want to block many domain names , Then we can create a domain list and then configure the squid accordingly.

Go to /etc/squid folder , Create a file blockdomains.lst and then add the domain names (one domain name per line).

install and configure squid

and then we have to add the below lines to /etc/squid/squid.conf file.

acl blocklist dstdomain "/etc/squid/blockdomains.lst"
http_access deny blocklist
install and configure squid

Save and Close the file and then restart the squid proxy server.

Now that we have configured squid proxy as per the requirement.lets configure the end users (client) to use squid proxy server so that they wont be able to access certain domains as we configured.

Configuring Clients To Use Squid Proxy Server

To restrict the end users from access the certain domains from the company laptop / desktop , We need to configure the end users browser’s to use the proxy server.

To test whether the proxy server is working or not , Open the Firefox brower , Click Preferences and then search for network

install and configure squid

Click Settings , Choose Manual proxy configuration and then Provide the Proxy server’s IP address and the Port number.

install and configure squid

Once you have provided the required details , Click OK.

Now If the users accesses anything on the web, the traffic will go through the squid proxy server and restricts the users from accessing the certain domains as per the rule we configured in the proxy server.

The same settings should be configured on all the browsers installed on the system.

Lets go ahead and test whether the domains are blocked as per the squid configurations.

For testing , I have blocked domains such as facebook.com , twitter.com , reddit.com , youtube.com , Anything other than these websites I should be able to access.

Lets go to the browser and verify it.

install and configure squid
install and configure squid
install and configure squid
install and configure squid

From the above screenshots You can see that I am unable to access the domains and this is the expected behaviour.

Now If I access google.com which is not blacklisted in the squid proxy server , I should be able to access it.

install and configure squid

We can modify the domains as per the requirement in the squid configuration.

If you wish to remove proxy for the end users , Go to browser’s network settings and then change the proxy settings to No proxy

install and configure squid

Conclusion

We have successfully installed and configured squid proxy server on Centos 7.

Also we have learnt to configure squid proxy to block certain domains and allowed users to use the proxy servers.

Hope you find it helpful.

Please do check out my other articles.