Tuesday, 5 May 2015

Block Websites using Squid Web Proxy Server

In this tutorial, we use Squid web proxy server to block access to websites. A file containing the list of websites to block is provided to the squid server at configuration time.


1) Install packages
      yum -y install squid


2) Create the file '/etc/squid/banned-sites.squid' containing a list of websites to block.
      www.bbc.com
      www.cnn.com


3) Change owner, permissions
      chmod 640 /etc/squid/banned-sites.squid
      chown root.squid /etc/squid/banned-sites.squid


4) Edit the file '/etc/squid/squid.conf' and add the following lines.

     #In the acl section, add this line
     acl blocksites dstdomain "/etc/squid/banned-sites.squid"

     #In the http_access  section, add this line
     http_access deny blocksites

5) Start the service
     systemctl start squid
     systemctl enable squid

6) Open Firewall Ports.
     firewall-cmd --zone=public --add-port=3128/tcp --permanent
     firewall-cmd --reload

7) Configure Browser's proxy server settings.
      You have to configure your browser's proxy server settings to point to    the squid proxy server. For firefox web browser, the steps are as follows:  click Preferences, click Advanced, click Network, click Settings, Click Manual Proxy Configuration. In HTTP Proxy enter IP address of the Squid proxy server and in Port enter 3128 (the default port of squid proxy server)

8) Access website in browser


NOTE: In the file '/etc/squid/squid.conf', the default settings for local network are configured for 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/24. If your local network is not in this range, then add your own rule as follows:
       acl your-network-acl-name src ip-range
       http_access allow your-network-acl-name


2 comments:

  1. very nice and helpfull article.The translation service is really very helpful to me.
    1337x UK proxy

    ReplyDelete
  2. It primarily makes use of a virtual connection that is routed via a computer's private network to an employee or a remote site. why use VPN

    ReplyDelete