In this blog we will implement a proxy server setup and restrict sites from accessing it by user.
Introduction:
In today's digital landscape, proxy servers play a vital role in enhancing security, improving performance, and enabling controlled access to internet resources. In this blog, we will provide a stepwise guide on how to implement the Squid proxy server on a RHEL (Red Hat Enterprise Linux) EC2 instance on AWS (Amazon Web Services).
Step 1: Launch an EC2 instance
Go to the AWS Management Console
Navigate to the EC2 service.
Launch an instance with the desired RHEL AMI.
Choose an instance type, configure instance details,
Configure security group with port 3128 and allow all traffic (0.0.0.0/0)
Create a new key pair or use an existing one.
Launch the instance.
Step 2: Connect to the EC2 instance
Use SSH to connect to your instance:
ssh -i KeyPair.pem ec2-user@your-instance-ip
(Optional) Or use Session Manager to connect to your instance.
Step 3: Update and Install the Squid Proxy service
Update the System Packages:
sudo yum update -y
Install Firewall in the system
sudo yum install firewalld -y
Install Squid Proxy in the system:
sudo yum install squid* -y
Squid Config file directory: /etc/squid/sqiud.conf
Add your Proxy port to firewall:
sudo firewall-cmd --permanent --add-port=3128/tcp
Sudo firewall-cmd --reload
By Default squid proxy port is 3128
Step 4: Configure Squid proxy
change the directory and open the config file:
cd /etc/squid/
sudo nano /etc/squid/squid.conf
Create a text file to add domains/websites that we want to block the access:
nano block_site.txt
Add below content or whatever website you want in your block_site.txt:
.Facebook.com
.Instagram.com
.twitter.com
Add Below lines to configs:
acl block dstdomain "/etc/squid/blocked_site.txt"
http_access deny block
acl localnet src your.private.ipv4
http_access allow localnet
and scroll down below and change “http_access deny all” to “http_access allow all”.
Save the config file “Ctrl + X” Press Y and Enter (nano editor) or :wq!(vi editor)
Now restart the squid proxy service:
sudo systemctl restart squid
If you get any error in red lines try to check the syntax error of config using: sudo squid -k check
Step 5: Now add Proxy to your pc proxy setting
Open Settings
Go to Network & Internet
Select Proxy tab and Manual proxy setup
Add your Proxy server public IP and proxy port
For example: Proxy IP Address: 3.80.55.1 Port: 3128
Now in your browser try accessing the sites you have block and check whether your proxy is working or Not.
Thankyou.