Squid Proxy Server
ServerVirtual Private Server

Instructions for installing Squid as a Proxy Server on Oracle Cloud VPS

Today’s article will guide you how to install Squid on Oracle Cloud’s free VPS virtual machine to make a Proxy Server. You can apply the same to install on your home server or on VPS of other services such as Digital Ocean, Vultr, …

I will install Squid using Docker Compose so that I can remove it at any time without affecting the system.

1. Preparation requirements

2. Install Squid Proxy

SSH into VPS and create new folder for Squid

mkdir ~/squid
cd ~/squidCode language: Bash (bash)

Create file compose.yml

services:
  proxy:
    image: ubuntu/squid
    ports:
      - "3128:3128"
    environment:
      - TZ=Asia/Ho_Chi_Minh
    volumes:
      - ./squid.conf:/etc/squid/squid.confCode language: YAML (yaml)

Create additional configuration file for squid

nano squid.confCode language: CSS (css)

Enter the following Content and save.

http_access allow all
http_port 3128Code language: Nginx (nginx)

With this configuration, squid will operate on port 3128 and open access to all network protocols and source IPs.

3. Activate Squid

Activate squid with the following command

docker compose up -dCode language: Nginx (nginx)

Next check if Squid is running using the command curl

curl -x 127.0.0.1:3128 -I -L http://google.comCode language: YAML (yaml)

The result returned shows a line. Via: 1.1 47b623f8c9ff (squid/6.6) means Squid is working fine.

HTTP/1.1 301 Moved Permanently
Location: http://www.google.com/
Content-Type: text/html; charset=UTF-8
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-eSmZn_UUYRd5jJKWrz2pcA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
Date: Sat, 21 Sep 2024 06:11:29 GMT
Expires: Mon, 21 Oct 2024 06:11:29 GMT
Cache-Control: public, max-age=2592000
Server: gws
Content-Length: 219
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Cache-Status: 47b623f8c9ff;detail=mismatch
Via: 1.1 47b623f8c9ff (squid/6.6)
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/html; charset=ISO-8859-1
Content-Security-Policy-Report-Only: object-src 'none';base-uri 'self';script-src 'nonce-LLLlSd3CIXQZ_bzbO-3lgg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Date: Sat, 21 Sep 2024 06:11:29 GMT
Server: gws
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Expires: Sat, 21 Sep 2024 06:11:29 GMT
Cache-Control: private
Set-Cookie: AEC=AVYB7co-QfUvSxhu9soW6ZgzlyOQJRXfhoUfBRWnDOC5nMYJLnNYnrfAlA; expires=Thu, 20-Mar-2025 06:11:29 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
Set-Cookie: NID=517=h0bemJIvrMRrJZB4shhmaOXwuIcB1E7YgXuxGHpHFOqRnhN9uHiQW_BeC0xDzBeCAOHfdzxGuUsHXGErQH-Z_cTEvg8MkjZB_YbCznJ1WTILQqdQyFAYDhl4-w5JpizfuTWMnedLylBQaqZIr2AZfjMxFnTG8h98M83luUWRkEdfc4efIMDzn9y7KIEwg2eR; expires=Sun, 23-Mar-2025 06:11:29 GMT; path=/; domain=.google.com; HttpOnly
Cache-Status: 47b623f8c9ff;detail=mismatch
Via: 1.1 47b623f8c9ff (squid/6.6)
Connection: keep-alive

Code language: YAML (yaml)

Find VPS Public IP address

curl ifconfig.meCode language: CSS (css)

The returned IP will be used to configure the Proxy on the client computer.

4. Configure Security List for Oracle VPS

This step only applies to those of you who are installing Squid on Oracle Cloud VPS.

Access the Sercirity List configuration for VPS, add a new Ingress Rule with the following parameters:

  • Source Type: CIDR
  • Sour CIDR: 0.0.0.0/0
  • IP Protocol: TCP
  • Source Port Range : All (leave blank)
  • Destination Port Range: 3128
  • Description: Squid Proxy Server

Click the Add Ingress Rules button to create.

5. Configure Proxy on browser

Depending on the application, the proxy configuration will be different. Here I will configure on Firefox.

Go to Settings (or type about:preferences in the web address and press Enter), find Network Settings and adjust the parameters.

  • HTTP Proxy: enter VPS IP
  • Port: 3128
  • Click to add Also use this proxy for HTTPS

Then visit the website https://ifconfig.me/ you will see it show the IP of the VPS that is installing Squid Proxy.

6. Install Foxy Proxy extension

Configuring Proxy directly in Firefox’s Settings will be very inconvenient if you need to turn proxy on or off depending on the website you visit. For convenience, I recommend installing the extension. Foxy Proxy standard to be able to switch back and forth between different Proxies.

After installation, go to FoxyProxy configuration page and add Proxy in Proxies section. Click Save to save.

Every time I need to use Proxy, I will click on the FoxyProxy icon to activate the corresponding Proxy. Or click Disable to stop using Proxy.

6. Configure security with account and password

With the settings shared above, everyone can use your Squid Server if they know the IP address. To prevent unauthorized access, I will configure an additional security step for Squid Proxy with an account and password.

Install additional tools apache2-utils

sudo apt install apache2-utilsCode language: Nginx (nginx)

Create a file to save your account and password. You replace markknow with your account name

cd ~/squid/
htpasswd -c passwords markknowCode language: JavaScript (javascript)

Enter your password and confirm. Your account information and password will be saved to a file. passwords located in the same folder as the file compose.yml

Update file compose.ymladd the last line as below

services:
  proxy:
    image: ubuntu/squid
    
    ports:
      - "3128:3128"
    environment:
      - TZ=UTC
    volumes:
      - ./squid.conf:/etc/squid/squid.conf
      - ./passwords:/etc/squid/passwordsCode language: YAML (yaml)

Edit the file again squid.conf with the following content to enable account and password authentication.

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours

acl password proxy_auth REQUIRED
http_access allow password

http_access deny all

http_port 3128Code language: YAML (yaml)

Restart Squid

docker compose restartCode language: Nginx (nginx)

Go back to Firefox and access the network through Proxy, you will be asked to enter your account and password to authenticate.

That’s it! Now you don’t have to worry about someone else using your Proxy Server.

Comment Policy: We truly value your comments and appreciate the time you take to share your thoughts and feedback with us.

Note: Comments that are identified as spam or purely promotional will be removed.

To enhance your commenting experience, consider creating a Gravatar account. By adding an avatar and using the same e-mail here, your comments will feature a unique and recognizable avatar, making it easier for other members to identify you.

Please use a valid e-mail address so you can receive notifications when your comments receive replies.

Related posts

[Proxmox] LXC VM / Container Backup and Recovery Guide

Mark Lee

Dockge – Docker management application suitable for homelab

Mark Lee

Install Caddy Server – Modern, easy-to-use Web Server

Mark Lee

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More