LinuxTutorialsUbuntu

How To Install and Configure Squid 3 on Ubuntu

Install and Configure Squid 3 on Ubuntu

In this tutorial, we will show you how to install and configure Squid 3 on Ubuntu. For those of you who didn’t know, Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Squid proxy is used by various organizations and internet providers to reduce bandwidth and increase response time.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges.

Prerequisites

  • A server running one of the following operating systems: Ubuntu Linux.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for Squid.
  • A non-root sudo user or access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Install and Configure Squid 3 on Ubuntu

Step 1. First, make sure that all your system packages are up-to-date by running the following apt-get commands in the terminal.

sudo apt-get update
sudo apt-get upgrade

Step 2. Installing Squid 3 on Ubuntu.

Install the Squid package and dependencies using the below command:

apt-get -y install squid3

Step 3. Edit squid configuration file ‘/etc/squid/squid.conf

nano /etc/squid3/squid.conf
# Recommended minimum configuration:
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid3/squid_passwd
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32
acl SSL_ports port 443
acl Safe_ports port 80            # http
acl Safe_ports port 21            # ftp
acl Safe_ports port 443           # https
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280           # http-mgmt
acl Safe_ports port 488           # gss-http
acl Safe_ports port 591           # filemaker
acl Safe_ports port 777           # multiling http
acl SSL_ports port 9001           # webmin
acl CONNECT method CONNECT

http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all
http_port 3128

#Setting up multiple outgoing IP addresses
#acl godet myip 192.168.1.100
#tcp_outgoing_address 192.168.1.100 godet
#acl jaran myip 192.168.1.101
#tcp_outgoing_address 192.168.1.101 jaran

hierarchy_stoplist cgi-bin ?
coredump_dir /var/spool/squid3
cache deny all

refresh_pattern ^ftp:        1440    20%    10080
refresh_pattern ^gopher:    1440    0%    1440
refresh_pattern -i (/cgi-bin/|\?) 0    0%    0
refresh_pattern .        0    20%    4320

icp_port 3130

forwarded_for off

request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
visible_hostname idroot.us

Step 4. Create our authentication file which Squid can use to verify for user authentications:

htpasswd -b /etc/squid3/squid_passwd username password

Example:

htpasswd -b -c /etc/squid3/squid_passwd ranty ratna

Step 5. After making changes to the config file, save the file and restart the squid server service to effect the changes using the following command entered at a terminal prompt:

service squid3 restart

If you experience any problems, you can check the access.log for more information:

sudo tail -f /var/log/squid3/access.log

Congratulations! You have successfully installed Squid. Thanks for using this tutorial for installing Squid caching proxy in the Ubuntu system. For additional help or useful information, we recommend you to check the official Squid website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!

r00t

r00t is an experienced Linux enthusiast and technical writer with a passion for open-source software. With years of hands-on experience in various Linux distributions, r00t has developed a deep understanding of the Linux ecosystem and its powerful tools. He holds certifications in SCE and has contributed to several open-source projects. r00t is dedicated to sharing her knowledge and expertise through well-researched and informative articles, helping others navigate the world of Linux with confidence.
Back to top button