, ,

Hi friends, today we will learn how to configure and use squid proxy server in Linux.Squid is a most popular open source software that is used as a proxy server in
many organizations. Before geting into the squid let’s know what actually a proxy
server is.

What is a proxy server ?

A proxy server is a dedicated computer system which acts as an intermediary between web browser and the internet. It sits between a server and a client application to fulfill the requests from clients seeking resources from other servers.

Squid proxy server is basically used  for 2 purposes ==>

1. To reduce the high bandwidth charges with its functionability of content caching.

2. To Restrict access to particular contents in a network means it controls everything what a client should access from internet.

Content caching in proxy server

Now let’s get a brief idea about content caching.

Content caching is a temporary storage of content such as imgaes, files, html web pages etc. Squid server use content caching to reduce bandwith charges.


Noteworthy points about Squid proxy server ==>


– It is a popular proxy server used in linux.

– Port number of squid server is 3128.

– Used in bandwith controlling.

– Used in web access filtering.

– It uses many restriction policies which can be implemented in a network.

-Highly used for the purpose of content caching.

-Configuration file of squid server in linux is /etc/squid/squid.conf.

-Squid is a high-performance HTTP and FTP caching proxy server.

– Squid proxy is used by various organisation and internet providers to reduce bandwidth and to increase response time.

– We can block specific websites, keywords,ip-address, urls and much more with squid server.

-It is widely used for increasing speed of a web server by caching repeated data.

-When a request comes to squid server, it saves a copy of it and then passes it to the server. Now if the same client again requests the same object then squid immediatly serve it. So that’s how it accerlate speed and save bandwidth.

Installation and configuration of squid proxy in Linux


Note : This tutorial is applicable for rhel5/6/7, centos5/6/7 and fedora.

Now we are going to install and configure squid server in Linux . I am using a step by step guide to make it easy to understand. So let’s start

Step 1

First of all check packages required for squid.

#rpm -q squid


Step 2

Now install squid with YUM package installation tool.

#yum install squid*


#yum install squid* -y

here * is used to download all the dependency package required for squid.
here y is used to disable manual yes/no check.


Step 3

Start the squid service

#service squid start


For Rhel 7 ==>

#systemctl restart squid


Step 4


Now go to configuration file of squid

# vim /etc/squid/squid.conf


Step 5


For troubleshooting or viewing logs and for the identity of the cache server, we
need to change the visible_hostname  option in the configuration file of squid server.


>To check your hostname simply type ==>



Now in squid configurtion file change visible_hostname as ==>

visible_hostname  yourhostname
e.g. visible_hostname  helpingyouonlne


Step 6


By default squid works on port 3128 but you can change it in configuration file.

http_port 3128



So we had done necessary configurations of squid server . Now let’s use
access control list for web access controlling in a network.

Read more :

|1| Telnet server guide in Linux ??

|2| Complete tutorial on SSH server for Rhel5/Rhel6.

|3|Postfix Server in Linux ?


Access control list (ACL) in Squid server.


First let’s see the syntax of ACL.


acl    aclname     acltype    value


Let’s understand the syntax ==>


acl ==> here acl tells a squid proxy server that it is a access control list used to implement restriction policies.


aclname ==> name of acl or rulename (You can use any name. for e.g


acltype ==> It indicates the type of acl. for example src (source) or dst


value ==> here you insert an ip address, network address or url etc.


How ACL’s are used in Squid proxy Server ?


In squid server use of ACL is a two line process ==>


First ==> acl aclname acltype value
Second ==> http-access allow/deny aclname


IN second line we use http_access statement which tells a squid server whether or
not to allow traffic that matches the ACL.


Web Access Restriction and controlling in Squid server.


Now we will use acl’s to control the web access of a network. For example i
will take the network and implement all possible rules to
control the web access of the network of


1. How to allow a network to access the internet?


First of all go to squid configuration file.

# vim   /etc/squid/squid.conf


By default all the rules are denied in the configuration file. So we have to
find follwing lines in the configuration file ==>


http_access allow localhost
http_access deny all


simply erase or repalce both lines with your desired acl. For e.g. here we have
to allow internet access to network, simple use below acl ==>

acl  mynetwork  src
http_access  allow  mynetwork


Save the configuration file and restart the squid service.


#service squid restart


#systemctl restart squid


2. How to allow localhost to access the internet.


acl localhost src
http_access allow localhost


3. How to block a particular ip in a network using squid proxy.


If i have to block a particular ip for e.g. in the network then,


acl blockip src
http_access deny blockip
acl mynetwork src
http_access allow mynetwork


So it means the network is able to access the internet except


Note: Squid proxy implement rules from top to bottom, So carefully write your rules in correct order from top to bottom.


4. Time-based rules in Squid proxy server.


If you are in a company/school/college environment then you may need to implement time based rules.
Let’s allow access to internet in a company for a particular time(9:00 – 12:00)


acl mynetwork src
acl working_hours time M T W H F A 9:00-12:00
http_access allow mynetwork working_hours


here M = Monday, T = Tuesday, W = Wednesday, H = Thursday, F = Friday, A = Saturday, S = Sunday

5. How to block an explicit website using squid proxy.


acl adult_site dst http://www.xyz.com
http_access deny adult_site


6. How to block all subdomains of a website.


If we block a website in squid like yahoo.com then its subdomains like
mail.yahoo.com are not blocked. To block domain including subdomains we have to
use following acl ==>

Acl block_domain dstdomain .yahoo.com
http_access deny block_domain


We can also block a list of domain. For this we have to create a file containing
all domain names.


#vim /etc/squid/blockeddomains.txt
>save it and give it required permission
#chmod 444 /etc/squid/blockeddomains.txt


No go to squid configuration file and create an ACL ==>


acl blocklist url_regex “/etc/squid/blockeddomains.txt”
http_access deny blocklist


6. how to block downloading of pdf files.

acl block_pdf url_regex .*.pdf$

http_access deny block_pdf


7. How to block a particular keyword using squid proxy.

acl badkeyword url_regex adult
http_access deny badkeyword


Note: url_regex is a acl type which stands for URL regular expression pattern matching.


Squid proxy server client side configuration


Client side configuration of squid server is very easy. You have to just configure your web browser to use the squid proxy. Just follow simple step by step guide =>

Open your favourite browser. For example we take google chrome browser.

Go to setting/advanced setting/change proxy setting

click on Lan setting.

Now insert your IP address and port number. In my case, I have entered as my IP address and 3128 as my port number. Now click ok.

squid kjhkd


That’s it , now google chrome is configured for squid proxy. Now you can access the internet on google chrome.



Today we have learned squid proxy server installation and configuration on a Linux system. I have tried my best to make it simple and easy to understand. If you encounter any problem regarding this article feel free to comment. Do follow us for more Linux articles and share this article on facebook & twitter.