In this tutorial, we will show you how to install Squid Proxy on Ubuntu 20.04 LTS. For those of you who didn’t know, Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and many more. It can be used to improve the web server’s performance by caching repeated requests, filtering web traffic, and accessing geo-restricted content.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Squid Proxy on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Prerequisites
- A server running one of the following operating systems: Ubuntu 20.04, 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
- It’s recommended that you use a fresh OS install to prevent any potential issues.
- A
non-root sudo useror access to theroot user. We recommend acting as anon-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.
Install Squid Proxy on Ubuntu 20.04 LTS Focal Fossa
Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.
sudo apt update sudo apt upgrade
Step 2. Installing Squid Proxy on Ubuntu 20.04.
The squid proxy package is available from the Ubuntu repositories. To install it, run the following commands:
sudo apt install squid
Once the installation is completed, the Squid service will start automatically. To verify it, check the service status:
sudo systemctl status squid
Step 3. Configure Squid Proxy.
To start configuring your squid instance, open the file in your favorite text editor:
sudo nano /etc/squid/squid.conf
# Recommended minimum configuration: auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/squid_passwd acl ncsa_users proxy_auth REQUIRED http_access allow ncsa_users acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl SSL_ports port 9001 # webmin acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny all http_port 3128 forwarded_for off request_header_access Allow allow all request_header_access Authorization allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all visible_hostname idroot.us
By default, squid is set to listen on a port 3128 on all network interfaces on the server. Whenever you make changes to the configuration file, you need to restart the Squid service for the changes to take effect:
sudo systemctl restart squid
Step 4. Configure Squid Authentication.
Now we create our authentication file which Squid can use to verify for user authentications:
$ htpasswd -b /etc/squid/squid_passwd username password
Example:
$ htpasswd -b -c /etc/squid/squid_passwd meilana maria
After making changes to the config file, save the file and restart the squid server service to effect the changes using the following command entered at a terminal prompt:
sudo systemctl restart squid
Step 5. Configure firewall.
To open the Squid ports, enable the UFW ‘Squid’ profile:
sudo ufw allow 'Squid'
Step 6. Configure Proxy settings on the Firefox browser.
Now that you have Squid set up, the last step is to configure your preferred browser to use it. On your Firefox, configure it to connect to the external network via your Squid server. Preferences -> General -> Network Settings -> Manual Proxy Configuration. Check to Use this proxy server for all protocols.
Congratulations! You have successfully installed Squid. Thanks for using this tutorial for installing Squid Proxy Server on your Ubuntu 20.04 LTS Focal Fossa. For additional help or useful information, we recommend you to check the official Squid website.
