How to Install Squid Proxy on CentOS Stream 9. Proxy servers are server application that acts as a gateway between the end users and the online resources. The role of a proxy server is to allow end users to monitor and control their web traffic, for a variety of reasons, including caching, security, and privacy. A proxy server, for example, allows you to access the web from an IP address other than your own.
Squid is an open source, stable, and popular HTTP proxy. In this article, we will have a look at what is squid proxy, its features as well as advantages of using it then illustrate the installation steps on CentOS Stream 9. Let’s start!
Squid is a feature rich forwarding and caching web proxy server application that offers cache and proxy services for HTTP (Hyper Text Transfer Protocol), FTP (File Transfer Protocol), and several other network protocols. Using Squid, you can cache and proxy Secure Socket Layer (SSL) requests, DNS queries, and handle transparent caching. The Squid does not serve as a generic proxy server. Normally, it only proxies HTTP connections.
With Squid it serves both as a cache and a proxy. As a proxy, Squid serves as an intermediary between two web transactions. It accepts requests from clients, processes them, and then sends them back to the origin server. It is possible to log, reject, or even modify a request before the request is forwarded.
A major advantage of Squid is that it caches frequently requested pages for speeding up website load time and bandwidth usage by eliminating the need to repeatedly request the same page multiple times. In addition, you can use it as a reverse proxy to speed up web servers because it serves cached content instead of allowing simultaneous client requests for identical content to the web server.
Security
Using Squid along with a firewall can help protect internal networks from outside intrusion. A firewall prevents all clients from accessing external services except for Squid. It is necessary for the proxy server to establish all Web connections. This configuration allows Squid to fully control Web access.
Multiple Caches
You can configure several instances of Squid so that they exchange objects between themselves. In this way, the total load on the system is reduced and the likelihood of retrieving objects from the local network is greatly enhanced.
In addition, cache hierarchies can be configured, making it possible for a cache to forward object requests to its parent cache or sibling cache, this will cause the cache to retrieve objects directly from other caches within the local network or from the source directly.
Caching Internet Objects
Here there is many dynamic objects in the network that are not static such as SSL/TLS encrypted content. Such objects are not cached as they get changed every time they are accessed.
The objects are assigned some states based on how long they should be cached. Proxy servers determine an object’s status by adding header information to these objects such as ‘’Expires’’, ‘’Last Modified’’ the date they were modified. You can specify other headers to prevent objects from being cached as well.
Cache objects are typically replaced, due to limited disk space, using LRU (last recently used) algorithms. In other words, the proxy deletes objects that haven’t been requested in a long time.
Several other benefits of Squid proxy is including privacy as it allows you to surf anonymously on the internet by hiding your IP address. The website you’re visiting can be identified by your public IP address when you don’t use a proxy.
However, when you use a proxy server to access the web page, your IP address becomes invisible, since only the proxy server’s IP address appears on the page. The proxy IP then handles the rest of the work.
Saves Bandwidth
Another benefit of using Squid proxy is speed. Rather than retrieving a web page from the internet, it stores it into a centralized cache database and can retrieve it from there. This makes web page retrieval much faster. Furthermore, a proxy server can save bandwidth by reducing the need to access the internet in order to retrieve data.
Strict access control lists for clients accessing the proxy server
With loading the configuration file Squid processes all the directives or ACL lines into memory, as tests which are performed against any request transaction. So there are two different components: ACL elements and access lists. An access list consists of an allow or deny action followed by a number of ACL elements.
Follow this post to learn how to install Squid Proxy on CentOS Stream 9.
Once the EPEL repo is installed, run the following command to install Squid Proxy server on your server.
dnf install squid -y
When you installed Squid please verify the package information using the following command:
rpm -qi squid
You should see the Squid package information in the following output:
Name : squid
Epoch : 7
Version : 4.15
Release : 3.module+el8.6.0+991+e278114b.1
Architecture: x86_64
Install Date: Sunday 10 July 2022 02:56:32 PM UTC
Group : Unspecified
Size : 12404565
License : GPLv2+ and (LGPLv2+ and MIT and BSD and Public Domain)
Signature : RSA/SHA256, Thursday 07 July 2022 03:32:27 PM UTC, Key ID 15af5dac6d745a60
Source RPM : squid-4.15-3.module+el8.6.0+991+e278114b.1.src.rpm
Build Date : Thursday 07 July 2022 03:25:23 PM UTC
Build Host : ord1-prod-x86build002.svc.aws.centos.org
Relocations : (not relocatable)
Packager : infrastructure@rockylinux.org
Vendor : Rocky
URL : http://www.squid-cache.org
Summary : The Squid proxy caching server
Description :
Squid is a high-performance proxy caching server for Web clients,
supporting FTP, gopher, and HTTP data objects. Unlike traditional
caching software, Squid handles all requests in a single,
non-blocking, I/O-driven process. Squid keeps meta data and especially
hot objects cached in RAM, caches DNS lookups, supports non-blocking
DNS lookups, and implements negative caching of failed requests.
Squid consists of a main server program squid, a Domain Name System
lookup program (dnsserver), a program for retrieving FTP data
(ftpget), and some management and client tools.
Next, you will need to edit the Squid Proxy main configuration file and define the IP address of the remote PC to access the internet via Squid Proxy.
To do so, edit the Squid Proxy configuration file using the nano editor:
nano /etc/squid/squid.conf
Add the following lines at the beginning of the file:
#Define the IP address of remotepc to access the internet via Squid
acl remotepc1 src 106.205.251.23
acl remotepc2 src 106.205.251.24
http_access allow remotepc1 remotepc2
Next, add the following lines at the beginning of the file to anonymize traffic and mask the Client’s IP address:
forwarded_for off
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
Save and close the file then restart the Squid proxy service to apply the changes:
To configure the Proxy setting via web browser, open your Firefox browser and click on the Preferences => General. You should see the following screen:
Now, click on the Network Settings. You should see the proxy configuration page:
Define your Squid Proxy server IP, Port and click on the OK button.
Now, type the URL https://whatismyipaddress.com/ in your web browser. You should see your Squid Proxy server IP under the My IP Address:
That means you are accessing the internet via the Squid Proxy server.
That’s great effort! Thank you for reading article blog about How to Install Squid Proxy on CentOS Stream 9. Let’s conclude.
How to Install Squid Proxy on CentOS Stream 9 Conclusion
In this guide, we explained how to install the Squid Proxy server on CentOS 9 Stream. We also showed you how to configure the client machine to use the Squid proxy to browse the Internet. You can now configure Squid proxy to monitor users’ internet history and control their web traffic. You can also use Squid as a caching proxy server to save the client request in the cache to speed up the website performance. For more advanced configuration, visit the Squid Proxy documentation page.
Enjoy checking out our content about Squid proxy here.
I am a fan of open source technology and have more than 10 years of experience working with Linux and Open Source technologies. I am one of the Linux technical writers for Cloud Infrastructure Services.
00votes
Article Rating
Subscribe
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.
DisagreeAgree
Login and comment with
I allow to create an account
When you login first time using a Social Login button, we collect your account public profile information shared by Social Login provider, based on your privacy settings. We also get your email address to automatically create an account for you in our website. Once your account is created, you'll be logged-in to this account.