Ask a question »

Installing an HTTP proxy server (Squid)

June 2015

A proxy server on network can be useful regarding security. Proxy servers can also act as a cache that enables users to get faster internet access. At the same time, this server allows them to share downloads more easily. Squid is a web proxy server that is secure and it has good caching facilities too. In computers based on Ubuntu operating systems, this Proxy server can be installed. This can be done by entering the required commands in the terminal of Ubuntu. It is also important to configure the proxy server after the installation process is completed.



1.Installing the proxy


To install Squid type the following command in a terminal:
sudo aptitude install squid

2.Configuring the proxy


Configuration of Squid is done by editing the following file: /etc/squid/squid.conf
To edit this file, type Alt+F2 and enter the following command:

gksu gedit /etc/squid/squid.conf

2.1.Naming the proxy


Its important that Squid knows the name of the machine. To do this, locate the line visible_hostname.
For example, if the machine is called ubuntu insert:

visible_hostname ubuntu

2.2 Choosing the Port


By default, the proxy server will use port 3128. To choose another port, locate the line:
http_port 3128


and change the port number, for example:
http_port 3177

2.3.Choosing the interface


By default the proxy server will listen on all interfaces. For security reasons, its better to put it on your local network only. For example, if the network card connected to your LAN has IP 10.0.0.1, change the line:

http_port 10.0.0.1:3177

2.4. Setting access rights and priorities


By default, nobody else is allowed to connect to the proxy server. A list of permissions must be created.

For example, we will define a group encompassing the local network.

Find the line beginning with acl localhost...
At the end of the section, add:

acl lanhome src 10.0.0.0/255.255.255.0


(lanhome is a random name chosen).

2.5. Authorizing access to group


Now that the group is defined, we will authorise it to use the proxy.
Locate the line http_access allow ... and add below (before the line http_access deny all):

http_access allow lanhome


2.6. Allow the use non-standard ports


By default, Squid allows HTTP traffic only on specific ports (e.g. 80). This can cause problems on websites using other ports.

To avoid this deadlock, find the line http_access deny! Safe_ports and the edit it to: # http_access deny! Safe_ports

3.Starting the Proxy


Restart the proxy to apply the modifications you made. Type:
sudo /etc/init.d/squid restart

Miscellaneous

Server logs


The proxy logs are located in: /var/log/squid/access.log

Changing the size of the cache

  • The Squid cache is enabled by default, which helps accelerate the loading of some pages.
  • The default allocated size is 100 MB (found in /var/spool/squid)
  • To change its size, edit the /etc/squid/squid.conf file.
  • Find the line: # cache_dir ufs /var/spool/squid 100 16 256
  • Edit it. You can change the value 100 to whatever you want (e.g. 200 for 200 MB): cache_dir ufs /var/spool/squid 200 16 256

Functions and additional modules


Squid is full of options and modules:
  • Prefetch (to preload the pages and speed up navigation).
  • Antivirus filters, AntiPopUp, etc.
  • Access control via proxy login and password.
  • Time-based access control.


To do this, open Synaptic, and click on Search and enter squid to find the modules related to Squid.
Consult the documentation for each module and the Squid manual for more information.

Links


See also: Installing an easy HTTP proxy-cache (polipo)
For unlimited offline reading, you can download this article for free in PDF format:
Installing-an-http-proxy-server-squid.pdf

See also

In the same category

Instalar un servidor proxy HTTP (Squid)
By Carlos-vialfa on July 24, 2008
Installer un serveur proxy HTTP (Squid)
By sebsauvage on April 24, 2007
Instalar um servidor proxy HTTP (Squid)
By pintuda on October 26, 2009
Original article published by sebsauvage. Translated by jak58. - Latest update by Jeff
This document entitled « Installing an HTTP proxy server (Squid) » from CCM (ccm.net) is made available under the Creative Commons license. You can copy, modify copies of this page, under the conditions stipulated by the license, as this note appears clearly.