Setting Up a Squid Proxy Server on Linux: A Step-by-Step Guide

Introduction ###

A proxy server acts as a gateway between users and the internet, enhancing security, privacy, and performance. Squid is a robust, open-source proxy solution widely used on Linux systems. This guide walks you through installing and configuring Squid to create your own proxy server.

Prerequisites ###

• A Linux server (Ubuntu/CentOS)
• Terminal access with sudo privileges
• Basic firewall knowledge (UFW/firewalld)

Step 1: Install Squid ###

Ubuntu/Debian:

sudo apt update && sudo apt install squid -y

CentOS/RHEL:

sudo dnf install squid -y  # or "yum" for older versions

Step 2: Configure Squid ###

1. Backup the default config:

   sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.original

2. Edit the config file:

   sudo nano /etc/squid/squid.conf

3. Key settings (customize these):

   # Change default port (3128 is standard)
   http_port 3128
   
   # Allow your network (replace 192.168.1.0/24 with your subnet)
   acl local_net src 192.168.1.0/24
   http_access allow local_net
   
   # Block all other traffic
   http_access deny all

Step 3: Start & Enable Squid ###

sudo systemctl start squid
sudo systemctl enable squid  # Auto-start on boot

Firewall Configuration:

sudo ufw allow 3128/tcp  # Ubuntu
# OR
sudo firewall-cmd --permanent --add-port=3128/tcp  # CentOS
sudo firewall-cmd --reload

Step 4: Test Your Proxy ###

1. On a client device:
   Configure browser/system settings to use:

   • IP: Your server’s public IP
   • Port: 3128

2. Verify connectivity:
   Visit https://www.whatismyip.com. It should show your server’s IP.

Step 5: Add Authentication (Optional) ###

Require username/password for proxy access:

1. Install apache2-utils (Ubuntu) or httpd-tools (CentOS):

   sudo apt install apache2-utils  # Ubuntu
   sudo dnf install httpd-tools    # CentOS

2. Create a password file:

   sudo touch /etc/squid/passwords
   sudo htpasswd /etc/squid/passwords proxy_user  # Set a password

3. Add to squid.conf:

   auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
   auth_param basic realm Squid Proxy
   acl auth_users proxy_auth REQUIRED
   http_access allow auth_users

4. Restart Squid:

   sudo systemctl restart squid

Troubleshooting ###

• Check logs: tail -f /var/log/squid/access.log
• Test config syntax: squid -k parse
• Reset permissions: sudo chown -R proxy:proxy /etc/squid

Conclusion ###

You’ve now set up a secure Squid proxy server! This enables:

• 🛡️ Filtered internet access
• 📶 Bandwidth optimization
• 🔒 Anonymous browsing

To dive deeper, explore Squid’s official documentation. Happy proxying! 🐙

> Note: Always restrict proxy access to trusted IPs/users. Open proxies attract abuse!