How to Configure a Squid Proxy Server on VPS

A Squid Proxy Server is a highly flexible tool that allows you to forward HTTP, HTTPS, and FTP traffic to optimize internet browsing speeds, block unwanted content, and enhance security. Configuring Squid on a VPS offers you control over your network traffic, providing privacy, faster access to cached content, and the ability to manage internet usage.

In this guide, we’ll walk you through the steps to set up and configure a Squid Proxy Server on your AnonVM VPS. Once installed, Squid will act as an intermediary between your users and the internet, improving performance and security.


Prerequisites

  • AnonVM VPS running a compatible Linux distribution (Ubuntu 20.04 or later recommended).
  • Root access or sudo privileges.
  • Basic knowledge of Linux command line.

Step 1: Install Squid Proxy Server

Squid is available in the official Ubuntu repositories, making installation simple.

  1. Update your package list:

     
    sudo apt update
  2. Install Squid:

     
    sudo apt install squid -y
  3. Verify the installation: After installation, verify that Squid is working by checking its version:

     
    squid -v

    You should see the Squid version and other related details.


Step 2: Configure Squid Proxy Server

Squid’s configuration file is located at /etc/squid/squid.conf. This file controls how Squid behaves, such as which traffic to allow or deny, and where to store cache data.

  1. Back up the default Squid configuration: It’s always a good idea to make a backup of the default configuration before making changes.

     
    sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.backup
  2. Edit the Squid configuration file: Open the Squid configuration file with a text editor:

     
    sudo nano /etc/squid/squid.conf
  3. Basic Configuration Adjustments:

    • HTTP Port: By default, Squid listens on port 3128. You can change this if needed. To change the port, find the following line and update the port number:

       
      http_port 3128
    • Allow Access: By default, Squid denies all incoming traffic. To allow connections, you need to define ACLs (Access Control Lists). Add or modify the following lines to allow your IP address (replace your_ip_address with your actual IP):

       
      acl allowed_ips src your_ip_address http_access allow allowed_ips

      If you want to allow all IP addresses, use:

       
      http_access allow all
    • DNS Lookups: Ensure that Squid is configured to use the correct DNS servers. Look for the following lines and make sure they are correctly set up:

       
      dns_nameservers 8.8.8.8 8.8.4.4
  4. Configure Access Control (Optional): You can configure more specific access controls based on your needs. For example, you can block certain websites or restrict access by time of day.

    To block a specific website:

     
    acl blocked_sites dstdomain .example.com http_access deny blocked_sites

Step 3: Configure Squid Logging

Squid logs information about requests and errors to log files. By default, Squid logs to /var/log/squid/access.log and /var/log/squid/cache.log.

  1. Access Log Configuration: Squid uses the access.log file to store information about each request that passes through the proxy. You can customize the log format by modifying the following lines in the configuration file:

     
    access_log /var/log/squid/access.log squid
  2. Error Log Configuration: Squid also maintains an error log to track system or configuration issues. By default, the error log is located at:

     
    error_log /var/log/squid/cache.log

Step 4: Restart Squid Service

Once you have configured Squid, restart the Squid service to apply the changes.

 
sudo systemctl restart squid

To ensure that Squid starts on boot, enable it to start automatically:

 
sudo systemctl enable squid

Step 5: Configure Firewall (Optional but Recommended)

If you are using a firewall (such as UFW), you need to open the Squid port (default is 3128) to allow inbound traffic to the proxy server.

  1. Allow Squid Port (3128):

     
    sudo ufw allow 3128/tcp
  2. Enable UFW: If UFW is not enabled, start and enable it:

     
    sudo ufw enable
  3. Verify UFW Status: Check the status of UFW to ensure the port is open:

     
    sudo ufw status

Step 6: Test the Squid Proxy Server

After configuring Squid, test it to ensure it’s functioning correctly.

  1. Configure your browser to use the proxy:

    • Open the Network settings in your browser.
    • Set the HTTP Proxy to the IP address of your VPS (e.g., your_vps_ip).
    • Set the Port to 3128 (or the custom port you configured).
  2. Test the connection: Visit any website, and your connection should go through the Squid proxy server. You can check the access.log file to see if the requests are logged.

     
    tail -f /var/log/squid/access.log

Step 7: Monitor and Maintain Squid

To ensure your Squid proxy server is running efficiently, you should periodically check the logs and monitor traffic usage.

  1. Monitor Squid logs: You can view detailed logs of client requests and traffic by running:

     
    sudo tail -f /var/log/squid/access.log
  2. Clear Squid Cache: Squid caches website content to speed up future access. Over time, the cache may become large, and clearing it can free up disk space. To clear the Squid cache, run:

     
    sudo squid -z sudo systemctl restart squid

Step 8: Advanced Configuration (Optional)

Squid offers many advanced features such as:

  • SSL Bumping: Squid can decrypt SSL traffic and inspect it. This is useful for monitoring encrypted traffic.
  • Authentication: You can configure Squid to require users to authenticate before they can use the proxy. This adds a layer of security and allows for better traffic control.
  • Caching Optimization: You can fine-tune Squid’s caching settings to make your proxy server more efficient.

Conclusion

Setting up a Squid Proxy Server on your AnonVM VPS is a straightforward process that provides numerous benefits, such as increased browsing speed, enhanced security, and content filtering. By following the steps above, you now have a fully functional proxy server that can be customized to suit your needs.

Whether you are using Squid for personal privacy, business security, or network optimization, it offers a powerful solution for managing and monitoring internet traffic. Keep your system updated, monitor your logs, and adjust your configurations as needed to ensure the best performance and security.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Powered by WHMCompleteSolution