New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
http://www.debiantutorials.com/installing-and-configuring-squid-proxy-server/
WOW! That is so simple tutorial to set it up. I just got it working. Thanks much!
Any tips to keep my squid server secure and optimized?
I use this tutorial though
http://www.erawanarifnugroho.com/2011/10/25/tutorial-installing-squid-in-debian-vps.html
https://github.com/ipoelhuda/Install-Squid3
Do remember to config some authentication if it is put on the internet, or it'll soon be abused by spam.
squid 3 with web based auth - quick way
tested on ubuntu 10.x
``
1-apt-get install squid3
2-mv /etc/squid3/squid.conf /etc/squid3/squid.conf.orig
3-nano /etc/squid3/squid.conf
and paste following:
#
Recommended minimum configuration:
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 # https
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access deny all
icp_access deny all
htcp_access deny all
http_port 3128
hierarchy_stoplist cgi-bin ?
access_log /var/log/squid3/access.log squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
refresh_pattern . 0 20% 4320
auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/squid_passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
acl ncsaauth proxy_auth REQUIRED
http_access allow ncsaauth
forwarded_for off
#
IMPORTANT
change 12.34.56.78 and write down your server ip address below
#
acl ip1 myip 12.34.56.78
tcp_outgoing_address 12.34.56.78 ip1
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
#
save and done (ctrl+x ,y)
4- touch /etc/squid3/squid_passwd
5- htpasswd /etc/squid3/squid_passwd yourproxyusername
and enter your password
6- service squid3 restart
All Done!
your proxy port is 3128
NOTE: you can use Proxy Selector add-on for Firefox fo quick proxy changing.
https://addons.mozilla.org/en-US/firefox/addon/proxy-selector/
``
I followed all the steps and actually had to install apache2 before step 5 as it was not pre-installed. Now it does not prompt me for authentication and simply throws Access Denied error. Any idea what is going on?
Is there another way to authenticate with username/password without having to install Apache?
Thanks for mentioning my tutorial @bigball