How To Install Proxy Server In Centos 7

How to Install Squid Proxy Server on CentOS 7 – phoenixNAP

System administrators use the Squid Proxy to augment their content delivery. Squid Proxy specifically allows a server to cache frequently visited web pages.
How? When a user seeks a web page or file, the request goes to the proxy server — the intermediary device between the desktop computer and the internet. The proxy server pulls the resource and relays it to the user, by caching the new data and using it for future requests made to the same server.
In this guide, you will learn how to set up, configure, and install a Squid Proxy server on CentOS 7.
CentOS operating systemAccess to a terminal window/command-line (Ctrl-Alt-T)A CentOS user with root or sudo privilegesThe yum package installer, included by defaultA text editor, such as vim
Steps for Installing Squid Proxy on CentOS
Step 1: Refresh CentOS Software Repositories
Ensure that you are working with the latest software version by updating your repositories.
Launch a terminal window, and enter the following:
sudo yum -y update
Step 2: Install Squid Package on CentOS
To install Squid, type:
yum -y install squid
Now start Squid by entering the following command:
systemctl start squid
To set up an automatic start at boot:
systemctl enable squid
Review the status of the service, use:
systemctl status squid
In the example below, we see that the state is ‘Active. ’
Configuring the Squid Proxy Server
The Squid configuration file is found at /etc/squid/
1. Open the file in your preferred text editor (vim was used in this example}:
sudo vi /etc/squid/
2. Navigate to find the _port option. Typically, this is set to listen on Port 3218. This port usually carries TCP traffic. If your system is configured for traffic on another port, change it here:
You may also set the proxy mode to transparent if you’d like to prevent Squid from modifying your requests and responses.
Change it as follows:
_port 1234 transparent
3. Navigate to the _acacess deny all option.
It is currently configured to block all HTTP traffic, and no web traffic is allowed as shown below.
Change this to the following:
_access allow all
4. Restart the Squid service by entering:
sudo systemctl restart squid
Configure Squid Client
The Squid proxy server is now configured. To configure the client server switch to your client machine and open your web browser.
If you’re using Firefox, you can find the proxy settings under:
Menu > Options > Network Settings > Settings
Select the radio button for Manual proxy configuration.
Use the IP address for the system hosting your Squid proxy.
To test, you can visit. Your IP address appears as the proxy server’s IP address.
Create an Access Control List (ACL)
For connections outside the proxy server’s local network, you need to configure the Access Control Lists (ACL). This may be necessary if you get a ‘refused to connect’ error.
To solve this problem, simply add to your list of safe ports with a new ACL entry.
Note: After each of the following steps, you should save and exit, then restart the Squid service to apply the new configuration.
Edit the /etc/squid/ file once again. Add a new line as follows:
acl localnet src 192. 166. 0. 10
This will create a rule that only allows the system at this IP address to connect.
Comment the line to identify the rule. Text after the # sign is ignored by Squid.
acl localnet src 192. 10 # test computer
You can specify a range of IP address as follows:
acl localnet src 192. 10/30
Open Squid Proxy Ports
To open a specific port, add the following:
acl Safe_ports port 123 # Custom port
To save changes, restart Squid:
systemctl restart squid
Set Up Proxy Authentication
Squid offers basic authentication alongside supporting other types of authentication.
First, install d-tools with the following command:
yum -y install d-tools
With the tool installed, create the new file:
touch /etc/squid/passwd && chown squid /etc/squid/passwd
To create the password, use this command:
htpasswd /etc/squid/passwd newuser
Exchange the ‘newuser‘ with your user name.
The system will prompt you to enter and confirm a password for ‘newuser. ’
Restart the proxy service and re-open your browser by inserting:
Edit the /etc/squid/ file, and add the following command lines:
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
acl auth_users proxy_auth REQUIRED
_access allow auth_users
From now on when you connect to the Linux proxy server, you will see a prompt for your username and password. Any unauthenticated person will be stopped by an error message.
How to Block Websites with Squid Proxy
1. Create and edit a new text file /etc/squid/ by entering:
2. In this file, add the websites to be blocked, starting with a dot:..
The dot specifies to block all subsites of the main site.
3. Open the /etc/squid/ file again:
4. Add the following lines just above your ACL list:
acl blocked_websites dstdomain “/etc/squid/”
_access deny blocked_websites
In this tutorial, you learned how to install, configure and secure a Squid HTTP Proxy server.
Squid improves processing time and streamlines bandwidth use quickly through its unique caching power. In its accelerator mode, your server can work with impressive speed. It significantly enhances your network’s performance, giving your system a competitive edge.
How to Create an HTTP Proxy Using Squid on CentOS 7/8

How to Create an HTTP Proxy Using Squid on CentOS 7/8

Web proxies have been around for quite some time now and have been used by millions of users around the globe. They have a wide range of purposes, most popular being online anonymity, but there are other ways you can take advantage of web proxies. Here are some ideas:
Online anonymity
Improve online security
Improve loading times
Block malicious traffic
Log your online activity
To circumvent regional restrictions
In some cases can reduce bandwidth usage
How Proxy Server Works
The proxy server is a computer that is used as an intermediary between the client and other servers from which the client may request resources. A simple example of this is when a client makes online requests (for example want to open a web page), he connects first to the proxy server.
The proxy server then checks its local disk cache and if the data can be found in there, it will return the data to the client, if not cached, it will make the request in the client’s behalf using the proxy IP address (different from the clients) and then return the data to the client. The proxy server will try to cache the new data and will use it for future requests made to the same server.
What is Squid Proxy
Squid is a web proxy that used my wide range of organizations. It is often used as a caching proxy and improving response times and reducing bandwidth usage.
For the purpose of this article, I will be installing Squid on a Linode CentOS 7 VPS and use it as an HTTP proxy server.
How to Install Squid on CentOS 7/8
Before we start, you should know that Squid, does not have any minimum requirements, but the amount of RAM usage may vary depending on the clients browsing the internet through the proxy server.
Squid is included in the base repository and thus the installation is simple and straightforward. Before installing it, however, make sure your packages are up to date by running.
# yum -y update
Proceed by installing squid, start and enable it on system startup using following commands.
# yum -y install squid
# systemctl start squid
# systemctl enable squid
At this point, your Squid web proxy should already be running and you can verify the status of the service with.
# systemctl status squid
Sample Output
● rvice – Squid caching proxy
Loaded: loaded (/usr/lib/systemd/system/rvice; enabled; vendor preset: disabled)
Active: active (running) since Thu 2018-09-20 10:07:23 UTC; 5min ago
Main PID: 2005 (squid)
CGroup: /
├─2005 /usr/sbin/squid -f /etc/squid/
├─2007 (squid-1) -f /etc/squid/
└─2008 (logfile-daemon) /var/log/squid/
Sep 20 10:07:23 tecmint systemd[1]: Starting Squid caching proxy…
Sep 20 10:07:23 tecmint squid[2005]: Squid Parent: will start 1 kids
Sep 20 10:07:23 tecmint squid[2005]: Squid Parent: (squid-1) process 2007 started
Sep 20 10:07:23 tecmint systemd[1]: Started Squid caching proxy.
Here are some important file locations you should be aware of:
Squid configuration file: /etc/squid/
Squid Access log: /var/log/squid/
Squid Cache log: /var/log/squid/
A minimum configuration file (without comments in it) looks like this:
acl localnet src 10. 0. 0/8 # RFC1918 possible internal network
acl localnet src 172. 16. 0/12 # RFC1918 possible internal network
acl localnet src 192. 168. 0/16 # RFC1918 possible internal network
acl localnet src fc00::/7 # RFC 4193 local private network range
acl localnet src fe80::/10 # RFC 4291 link-local (directly plugged) machines
acl SSL_ports port 443
acl Safe_ports port 80 #
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 #
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # -mgmt
acl Safe_ports port 488 # gss-
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling
_access deny! Safe_ports
_access deny CONNECT! SSL_ports
_access allow localhost manager
_access deny manager
_access allow localnet
_access allow localhost
_access deny all
_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\? ) 0 0% 0
refresh_pattern. 0 20% 4320
Configuring Squid as an HTTP Proxy
Here, we will show you how to configure squid as an HTTP proxy using only the client IP address for authentication.
Add Squid ACLs
If you wish to allow the IP address to access the web through your new proxy server, you will need to add a new ACL (access control list) line in the configuration file.
# vim /etc/squid/
The line you should add is:
acl localnet src
Where is the actual client IP address you wish to add. The line should be added at the beginning of the file where the ACLs are defined. It is a good practice to add a comment next to ACL which will describe who uses this IP address.
It is important to note that if Squid is located outside your local network, you should add the public IP address of the client.
You will need to restart Squid so the new changes can take effect.
# systemctl restart squid
Open Squid Proxy Ports
As you may have seen in the configuration file, only certain ports are allowed for connecting. You can add more by editing the configuration file.
acl Safe_ports port XXX
Where XXX is the actual port you wish to load. Again it is a good idea to leave a comment next to that will describe what the port is going to be used for.
For the changes to take effect, you will need to restart squid once more.
Squid Proxy Client Authentication
You will most probably want your users to authenticate before using the proxy. For that purpose, you can enable basic HTTP authentication. It is easy and fast to configure.
First, you will need d-tools installed.
# yum -y install d-tools
Now let’s create a file that will later store the username for the authentication. Squid runs with user “squid” so the file should be owned by that user.
# touch /etc/squid/passwd
# chown squid: /etc/squid/passwd
Now we will create a new user called “proxyclient” and setup its password.
# htpasswd /etc/squid/passwd proxyclient
New password:
Re-type new password:
Adding password for user proxyclient
Now to configure the authentication open the configuration file.
After the ports ACLs add the following lines:
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd
auth_param basic children 5
auth_param basic realm Squid Basic Authentication
auth_param basic credentialsttl 2 hours
acl auth_users proxy_auth REQUIRED
_access allow auth_users
Save the file and restart squid so that the new changes can take effect:
Block Websites on Squid Proxy
Finally, we will create one last ACL that will help us block unwanted websites. First, create the file that will store the blacklisted sites.
# touch /etc/squid/
You can add some domains you wish to block. For example:..
The proceeding dot tells squid to block all references to that sites including dsite1,, etc.
Now open Squid’s configuration file.
Just after the ports ACLs add the following two lines:
acl bad_urls dstdomain “/etc/squid/”
_access deny bad_urls
Now save the file and restart squid:
Once everything configured correctly, now you can configure your local client browser or operating system’s network settings to use your squid HTTP proxy.
In this tutorial, you learned how to install, secure and configure a Squid HTTP Proxy server on your own. With the information you just got, you can now add some basic filtering for incoming and outgoing traffic through Squid.
If you wish to go the extra mile, you can even configure squid to block some websites during working hours to prevent distractions. If you have any questions or comments, please post them in the comment section below.
If You Appreciate What We Do Here On TecMint, You Should Consider:
TecMint is the fastest growing and most trusted community site for any kind of Linux Articles, Guides and Books on the web. Millions of people visit TecMint! to search or browse the thousands of published articles available FREELY to all.
If you like what you are reading, please consider buying us a coffee ( or 2) as a token of appreciation.
We are thankful for your never ending support.
Install And Configure Proxy Server On Centos 7/8 Server

Install And Configure Proxy Server On Centos 7/8 Server

If you would like to read what are proxy servers and how they can benefit you, please refer: Click
If you would like to buy a VPS to make your own Proxy Server along with this tutorial check out: Click
Squid Proxy
Little introduction about the proxy of the article:
“Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows, and is licensed under the GNU GPL. ”
It is very mature, quick, and flexible. That is why it is one of the most widespread web proxies. It is predominantly used in large environments, such as universities and large corporates.
But it could be just as useful for small businesses and even to an individual user.
Install Proxy Server: Squid Proxy
Step 1: Update the server
yum -y update
Step 2: Install squid
yum -y install squid
Step 3: Start and enable squid server.
systemctl start squid
systemctl enable squid
Step 4: Check the status of squid server.
systemctl status squid
Configure Proxy Server: Squid Proxy
The configurations for your Squid server are stored in the /etc/squid/ file
Configure your Network To Route through your Proxy to the access Internet
You have to add the IP or the IP ranges which will be making contact with your Proxy Server and then the Proxy server will act as a gateway for only those IP(s)
You can add a source IP range with an ACL using the following format.
acl localnet src
Edit the configuration file /etc/squid/ Add the source IP(s) as shown below.
Restart the proxy server after making the ACL changes.
systemctl restart squid
Test proxy Server Connectivity
Test if the proxy server is working using a simple curl request. Use the following curl format. By default, squid proxy runs on 3128 port.
curl -x :3128 -L
Configure Proxy Authentication
As an addon to ACL, you should also add a basic authentication to your proxy server for extra security. The steps to do this are as follows:
Step 1: On your Squid server install d-tools
yum -y install d-tools
Step 2: Create an empty passwd file
touch /etc/squid/passwd
Step 3: Change the owner of the file
chown squid /etc/squid/passwd
Step 3: Add squid to the password file using htpasswd utility.
You will be asked for a password, use a strong one, and don’t forget to store it. This username and password will be used for all connections through this proxy.
htpasswd /etc/squid/passwd squid
Step 4: Open squid config file.
vi /etc/squid/
Add the following to the config file and save it.
auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwdauth_param basic children 5auth_param basic credentialsttl 2 hoursauth_param basic utf8 onauth_param basic realm Please enter your credentials for the Proxy Server! auth_param basic casesensitive onacl auth_access proxy_auth REQUIRED_access allow auth_access
Step 5: Now, restart squid server for the configuration changes to take place.
sudo systemctl restart squid
Step 6: Now if you test the proxy connection using curl, you will get the “authentication required message” as shown below.
Now, test the connectivity with proxy user and password we configured in step 3. An example syntax is shown below.
curl -x –proxy-user squid:thisIsPassword -I
With username and password, your proxy request should go through.
Blocking Websites
Another great use of the proxy server is restricting the website access. Follow the steps below for creating a block list.
Step 1: Open a blocked list file.
vi /etc/squid/blocked_sites
Add the websites to be blocked in the file. For example,
Step 2: Open the squid config file.
Add the following to the ACL list.
acl blocked_sites dstdomain “/etc/squid/blocked_sites”
_access deny blocked_sites
Step 3: Restart the squid server.
Now if you try to access the blocked site through the proxy, you will get a forbidden message.
Uninstall Squid Proxy Server
In case if you would want to remove squid from your server just use the yum remove command as below.
yum remove squid
You will be prompted once to ask for confirmation.

Frequently Asked Questions about how to install proxy server in centos 7

Leave a Reply

Your email address will not be published. Required fields are marked *