Install Squid Proxy on Ubuntu 22.04

In this guide, you will learn to Install and Configure Squid Proxy on Ubuntu 22.04 to provide an HTTP Proxy.

Squid is a widely-used caching proxy server for Linux and Unix platforms. This means that it stores requested Internet objects, such as data on a Web or FTP server, on a machine that is closer to the requesting workstation than the server. It can be set up in multiple hierarchies to assure optimal response times and low bandwidth usage, even in modes that are transparent to end users.

Squid is not a generic proxy server. It normally proxies only HTTP connections. It supports the protocols FTP, Gopher, SSL, and WAIS, but it does not support other Internet protocols, such as the news protocol, or video conferencing protocols. Because Squid only supports the UDP protocol to provide communication between different caches, many multimedia programs are not supported.

Steps To Install and Configure Squid Proxy on Ubuntu 22.04

To complete this guide, you must log in to your server as a non-root user with sudo privileges and set up a basic firewall. To do this, you can follow our guide on Initial Server Setup with Ubuntu 22.04.

Also, you need a domain name that is pointed to your server’s IP address.

Install Squid on Ubuntu 22.04

Squid packages are available in the default Ubutnu repository. First, run your system update:

sudo apt update

Then, use the command below to install Squid proxy:

sudo apt install squid -y

Squid service will start automatically on your server. To verify it, run the command below:

sudo systemctl status squid.service
Output
● squid.service - Squid Web Proxy Server
     Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset:>
     Active: active (running) since Wed 2023-01-18 13:11:55 UTC; 12s ago
       Docs: man:squid(8)
    Process: 55621 ExecStartPre=/usr/sbin/squid --foreground -z (code=exited, s>
   Main PID: 55624 (squid)
      Tasks: 4 (limit: 4575)
     Memory: 15.6M
        CPU: 608ms
     CGroup: /system.slice/squid.service
...

Allow Clients to Connect to Squid

At this point, you need to make some configuration changes in the Squid configuration file on Ubuntu 22.04 to allow clients to connect to Squid from outside this server.

Open the Squid config file with your favorite text editor, we use vi editor:

sudo vi /etc/squid/squid.conf

In the file, look for the below lines:

Include /etc/squid/conf.d/*.conf...
http_access allow localhost
...http_access deny all
...

You can change the deny all to allow all and anyone can connect to your proxy server. But it’s not recommended to do that. You can add the line below and define your IP address to connect to the Squid proxy.

You can find your IP address from the What’s My IP?

Then, add the below line above the http_access allow localhost line.

...
acl localnet src your_ip_address
http_access allow localhost
...

When you are done, save and close the file.

Create username-password pairs for Squid

At this point, you need to secure your Squid proxy on Ubuntu 22.04. Squid allows you to create username-password pairs using built-in Linux functionality, as an additional or an alternative step to restricting access to your proxy by IP address.

First, you need to install some utilities from Apache in order to have access to a password generator that squid likes:

sudo apt install apache2-utils -y

Then, you can use the htpasswd command to generate a password for your new Squid user:

sudo htpasswd -c /etc/squid/passwords your_squid_username

You will be asked to enter a password for your Squid user.

Output
New password:
Re-type new password:
Adding password for user squiduser

This command will store your username along with a hash of your new password in /etc/squid/passwords, which will be used as an authentication source by Squid.

You can use the following command to see what that looks like:

sudo cat /etc/squid/passwords
Output
orca:$apr1$j1VA1QJN$wRwt9aob6sy7Ua0HknQT0.

Configure Squid on Ubuntu 22.04

At this point, you need to open the Squid configuration file on Ubuntu 22.04 again with your favorite text editor, here we use vi:

sudo vi /etc/squid/squid.conf

Then, add the red lines in your file:

…
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
include /etc/squid/conf.d/*.conf
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
# Example rule allowing access from your local networks.
acl localnet src your_ip_address
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet
http_access allow localhost
http_access allow authenticated
# And finally deny all other access to this proxy
http_access deny all
…

When you are done, save and close the file.

To apply the changes, restart your Squid service on Ubuntu 22.04:

sudo systemctl restart squid.service

Configure Firewall for Squid

We assumed that you have enabled the UFW firewall. Now you need to open port 3128 through the firewall with the following command:

sudo ufw allow 3128

Reload the firewall to apply the new rules:

sudo ufw reload

Connect through Squid Proxy Server

To display your Squid server, you can use the curl command on Ubuntu 22.04. To do this, run the following command:

curl -v -x http://your_squid_username:your_squid_password@your_server_ip:3128 http://www.google.com/

In your output you will see:

Output
*   Trying ip-add:3128...
* Connected to (nil) (ip-add) port 3128 (#0)
* Proxy auth using Basic with user 'orca'
> GET http://www.google.com/ HTTP/1.1
> Host: www.google.com
> Proxy-Authorization: Basic b3JjYTpvcmNhMTIz
> User-Agent: curl/7.81.0
> Accept: */*
> Proxy-Connection: Keep-Alive
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Date: Wed, 18 Jan 2023 13:33:05 GMT
< Expires: -1
< Cache-Control: private, max-age=0
< Content-Type: text/html; charset=ISO-8859-1
...

Also, you can access HTTPs sites with your Squid proxy without any configuration changes.

curl -v -x http://your_squid_username:your_squid_password@your_server_ip:3128 https://www.google.com/

In your output you will see:

Output
*   Trying ip-add:3128...
* Connected to (nil) (ip-add) port 3128 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to www.google.com:443
* Proxy auth using Basic with user 'orca'
> CONNECT www.google.com:443 HTTP/1.1
> Host: www.google.com:443
> Proxy-Authorization: Basic b3JjYTpvcmNhMTIz
> User-Agent: curl/7.81.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
..

For more information about Squid proxy, you can visit the Squid Documentation page.

Conclusion

At this point, you have learned to Install and Configure Squid Proxy on Ubuntu 22.04 to provide an HTTP Proxy.

Hope you enjoy it. You may be like these articles:

Install PHP Composer on Ubuntu 22.04

Install Nessus Scanner on Ubuntu 22.04

And, Install and Use Yarn on Ubuntu 22.04

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles

POPULAR TAGS

Most Popular