Squid Proxy on Linux EC2 server

In this blog we will set up a proxy server and restrict which sites users can access through it.

Introduction:

In today's digital landscape, proxy servers play a vital role in enhancing security, improving performance, and enabling controlled access to internet resources. In this blog, we will provide a stepwise guide on how to implement the Squid proxy server on a RHEL (Red Hat Enterprise Linux) EC2 instance on AWS (Amazon Web Services).

Step 1: Launch an EC2 instance

  1. Go to the AWS Management Console.

  2. Navigate to the EC2 service.

  3. Launch an instance with the desired RHEL AMI.

  4. Choose an instance type and configure instance details.

  5. Configure the security group to open port 3128 and allow all traffic (0.0.0.0/0).

  6. Create a new key pair or use an existing one.

  7. Launch the instance.

Step 2: Connect to the EC2 instance

Use SSH to connect to your instance:

ssh -i KeyPair.pem ec2-user@your-instance-ip

(Optional) Or use Session Manager to connect to your instance.

Step 3: Update and Install the Squid Proxy service

Update the System Packages:

sudo yum update -y

Install firewalld on the system:

sudo yum install firewalld -y

Install Squid Proxy in the system:

sudo yum install 'squid*' -y

Squid config file path: /etc/squid/squid.conf

Start firewalld and add your proxy port to the firewall:

sudo systemctl enable --now firewalld
sudo firewall-cmd --permanent --add-port=3128/tcp
sudo firewall-cmd --reload

By default, the Squid proxy port is 3128.

Step 4: Configure Squid proxy

Change to the Squid directory and open the config file:

cd /etc/squid/
sudo nano /etc/squid/squid.conf

Create a text file listing the domains/websites that we want to block:

sudo nano /etc/squid/block_site.txt

Add the content below, or whatever websites you want, to your block_site.txt:

.Facebook.com
.Instagram.com
.twitter.com

Add the lines below to the config:

acl block dstdomain "/etc/squid/block_site.txt"
http_access deny block

acl localnet src your.private.ipv4
http_access allow localnet

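Then scroll down and change “http_access deny all” to “http_access allow all”. With this change, every client that can reach port 3128 may use the proxy for any site that is not in the block list.

Save the config file: in nano, press “Ctrl + X”, then Y and Enter; in vi, type :wq!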

Now restart the squid proxy service:

sudo systemctl restart squid

If the restart reports errors (shown in red), check the config for syntax errors using: sudo squid -k check
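Squid evaluates http_access rules from top to bottom and the first matching rule decides, so where the lines from Step 4 land in squid.conf matters. The following audit script is an added example, not part of the original post or of Squid itself: it uses a simplified parser (an assumption, it handles only acl and http_access lines) to flag a list file that does not exist, a site-blocking deny placed after an allow, rules placed after a catch-all, and “http_access allow all”. The sample configs and the 10.0.0.0/8 range are constructed.

```python
import os

def audit_squid_conf(conf_text, file_exists=os.path.isfile):
    """Return findings for the ACL pitfalls in this walkthrough (simplified parser)."""
    findings, rules, acl_type = [], [], {}
    for n, raw in enumerate(conf_text.splitlines(), 1):
        tok = raw.split("#", 1)[0].split()          # drop comments, tokenize
        if len(tok) >= 4 and tok[0] == "acl":
            acl_type[tok[1]] = tok[2]
            for arg in tok[3:]:                     # a "quoted" value is read from a file
                path = arg.strip('"')
                if arg.startswith('"') and not file_exists(path):
                    findings.append(f"line {n}: acl {tok[1]} reads missing file {path}")
        elif len(tok) >= 3 and tok[0] == "http_access":
            rules.append((n, tok[1], tok[2:]))
    catch_all, allows = None, []
    for n, action, names in rules:                  # top-down, first match decides
        if catch_all is not None:
            findings.append(f"line {n}: unreachable, line {catch_all} matches every request")
            continue
        blocks_sites = any(acl_type.get(a) == "dstdomain" for a in names)
        if action == "deny" and blocks_sites and allows:
            findings.append(f"line {n}: deny is skipped for clients allowed on line {allows[0]}")
        if action == "allow":
            allows.append(n)
        if names == ["all"]:
            catch_all = n
            if action == "allow":
                findings.append(f"line {n}: any client that can reach the port may use the proxy")
    return findings

# Constructed samples (not from a real host). APPENDED: rules pasted at the end of the file.
APPENDED = '''acl localnet src 10.0.0.0/8
http_access allow localnet
http_access allow all
acl block dstdomain "/etc/squid/blocked_site.txt"
http_access deny block
'''
ORDERED = '''acl block dstdomain "/etc/squid/block_site.txt"
http_access deny block
acl localnet src 10.0.0.0/8
http_access allow localnet
http_access deny all
'''

def only_block_site(path):
    """Stand-in for os.path.isfile: pretend only block_site.txt was created."""
    return path == "/etc/squid/block_site.txt"

if __name__ == "__main__":
    for name, conf in (("APPENDED", APPENDED), ("ORDERED", ORDERED)):
        print(name, audit_squid_conf(conf, only_block_site) or "no findings")
```

On the server, call `audit_squid_conf(open("/etc/squid/squid.conf").read())` to run the same checks against the real file.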

Step 5: Add the proxy to your PC's proxy settings

Open Settings

Go to Network & Internet

Select the Proxy tab and choose Manual proxy setup

Add your proxy server's public IP and proxy port

For example: Proxy IP Address: 3.80.55.1 Port: 3128

Now, in your browser, try accessing the sites you have blocked and check whether your proxy is working or not.

Thank you.
