Introduction
Squid is a caching and proxy server software that many people use. It's used mainly as a forward proxy, but it can also be used as a reverse proxy. Squid offers a lot of features and is frequently utilized on large networks.
WARNING: You must exercise extreme caution while creating proxies. Hackers frequently scan the public internet for exposed proxies and use them for unlawful purposes. If you get a lot of complaints, most hosting companies will terminate your instances, so make sure you use enough authentication, such as a strong password.
This article teaches you how to install Squid Proxy on Ubuntu 20.04.
Prerequisites
- Deploy an Ubuntu 20.04 LTS cloud server at Rcs.
- Update the server.
- Create a non-root user with sudo privileges.
- Log in to your server as the non-root user.
1. Install the Dependencies
Edit the repository list file in your favorite text editor.
$ sudo nano /etc/apt/sources.list
Uncomment the following line to enable the package source repository.
# deb-src http://archive.ubuntu.com/ubuntu/ focal main restricted
Save and exit the file.
Update the package lists.
$ sudo apt update
Install the
htpasswd
utility and the build dependencies for Squid.$ sudo apt install apache2-utils $ sudo apt build-dep squid
2. Compile Squid From Source Code
Clone the official Squid GitHub repository to a directory named
squid
.$ git clone https://github.com/squid-cache/squid.git squid
Navigate to the cloned repository.
$ cd squid
Check out the repository to the
V5
(version 5) branch.$ git checkout v5
Run the dependency installation script to install additional dependencies.
$ ./bootstrap.sh
Configure the build for the Ubuntu filesystem locations.
$ ./configure --prefix=/usr --localstatedir=/var --libexecdir=${prefix}/lib/squid --datadir=${prefix}/share/squid --sysconfdir=/etc/squid --with-default-user=proxy --with-logdir=/var/log/squid --with-pidfile=/var/run/squid.pid
Compile the source code. Please do not close your SSH session until the compilation finishes.
$ make
Install the compiled binaries.
$ sudo make install
Grant Squid access to the log directory.
$ sudo chown -R proxy:proxy /var/log/squid
3. Create a Service For Squid
Edit a new file named
squid.service
in the/etc/systemd/system
directory.$ sudo nano /etc/systemd/system/squid.service
Populate the file with the following contents.
[Unit] Description=Squid Web Proxy Server Documentation=man:squid(8) After=network.target network-online.target nss-lookup.target [Service] Type=forking PIDFile=/var/run/squid.pid ExecStartPre=/usr/sbin/squid --foreground -z ExecStart=/usr/sbin/squid -sYC ExecReload=/bin/kill -HUP $MAINPID KillMode=mixed [Install] WantedBy=multi-user.target
Save and exit the file.
Reload systemd.
$ sudo systemctl daemon-reload
Start the Squid service.
$ sudo systemctl start squid
Enable the service to start on server boot.
$ sudo systemctl enable squid
4. Configure Squid
Edit the Squid configuration file in your favorite text editor.
$ sudo nano /etc/squid/squid.conf
Configure the proxy only to allow connections from authenticated users and to mask their IP addresses. Append the following lines to the top of the file.
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd auth_param basic realm proxy acl authenticated proxy_auth REQUIRED http_access allow authenticated forwarded_for off request_header_access Allow allow all request_header_access Authorization allow all request_header_access WWW-Authenticate allow all request_header_access Proxy-Authorization allow all request_header_access Proxy-Authenticate allow all request_header_access Cache-Control allow all request_header_access Content-Encoding allow all request_header_access Content-Length allow all request_header_access Content-Type allow all request_header_access Date allow all request_header_access Expires allow all request_header_access Host allow all request_header_access If-Modified-Since allow all request_header_access Last-Modified allow all request_header_access Location allow all request_header_access Pragma allow all request_header_access Accept allow all request_header_access Accept-Charset allow all request_header_access Accept-Encoding allow all request_header_access Accept-Language allow all request_header_access Content-Language allow all request_header_access Mime-Version allow all request_header_access Retry-After allow all request_header_access Title allow all request_header_access Connection allow all request_header_access Proxy-Connection allow all request_header_access User-Agent allow all request_header_access Cookie allow all request_header_access All deny all
Save and exit the file.
5. Set Up Squid Authentication
Create the Squid Proxy credentials file.
$ sudo touch /etc/squid/squid_passwd
Create a new user on your proxy. Replace
youruser
in the next command with your desired username. The command prompts you for the password twice. You may use the next command multiple times to create additional users.$ sudo htpasswd /etc/squid/squid_passwd youruser
Restart the Squid service.
$ sudo service squid restart
6. Configure the Firewall
Open the Squid Proxy port (3128/UDP
) with UFW.
$ sudo ufw allow 3128/udp
7. Use Your Proxy
You may now use Squid as a forwarding proxy. Set up your web browser's "internet settings" to use your proxy, including the username and password that you've created earlier. Visit an IP address detection site, such as this one, to ensure that the proxy is functioning correctly.
The site should show that it's being visited from a Rcs IP address.
Conclusion
In this article, you have learned how to install Squid Proxy on an Ubuntu 20.04 server. You have also learned how to secure the proxy from unauthorized access.