How to Install Squid Proxy on Debian 11.Proxy Servers act as a gateway between clients and the Internet. It is one of the best techniques to prevent attacks from reaching out to your private networks. With the increasing cyberattacks, it has become vital to adopt a strategy that improves response time, reduces bandwidth congestion, distributes workload and secures your network.
Squid proxy is one such proxy server that makes a great server accelerator. It reuses the frequently requested web pages and accelerates the performance.
Installed on a separate server, it helps cache different web objects even the ones assessed via HTTP and FTP. But does not support the SOCKS protocol. The main role of the Squid proxy caching server is to track the use of web objects over the connected networks.
Squid acts as an intermediary between the client and the server to protect network security and ease the process. When a client passes a request to the server, it helps save the copy of the requested object and servers the same information if later requested by the same client or other clients. As a result, with the help of Squid, your response time improves and becomes fast.
Similarly, when the request is not passed to the web server each time on finding a similar requested object, the bandwidth remains free from sending and receiving.
Nowadays, people do a lot of streaming, downloading videos, and request for heavy media files. As a result, the server receives thousands of requests each second. If the proxy server in any way serves even 10/20 % of the common requests, the performance of your web server will make a boost.
Most media companies, content delivery networks, and ISPs use Squid Proxy Server to improve their download speed and minimize latency.
Caches Web Object – The proxy server keeps the copy of requested web objects which help speed up the web server and ensures all requests are managed locally rather than sent each time to the original source.
Domain Name System (DNS) server – Another advantage of Squid is it can be used as a DNS server. It allows the use of in built internal DNS client or third-party DNS applications to resolve hostnames.
Improves network security – The proxy server filters all incoming traffic. As a result, any external client cannot attack the original source without passing through the proxy and authorization. Hence, by having a Squid, you can increase network security.
Load Sharing – On some days, there is a sudden burst of traffic, or you face unexpected bandwidth clogging. In such cases, Squid helps distribute loads over intercommunicating proxy servers. This also leads to faster response times.
Follow this post to learn how to install Squid Proxy on Debian 11.
Squid Proxy allows you to configure Squid to restrict users based on the user’s IP address. You can configure the IP based authentication by editing the Squid main configuration file:
nano /etc/squid/squid.conf
Add the following lines at the beginning of the file:
You can also configure Squid Proxy to restrict users based on the username and password to access the internet. First, install the Apache Utils package with the following command:
apt-get install apache2-utils -y
Next, create a user named pc1 and set a password with the following command:
htpasswd -c /etc/squid/passwd pc1
Set the password as shown below:
New password:
Re-type new password:
Adding password for user pc1
Please create a second user named pc2 and set a password:
htpasswd -c /etc/squid/passwd pc2
Set a password as shown below:
New password:
Re-type new password:
Adding password for user pc2
Next, edit the Squid configuration file:
nano /etc/squid/squid.conf
Remove the first three lines which you have added in the previous step and add the following lines:
Next, you will also need to edit the Squid configuration file and define some rules to mask client IP addresses:
nano /etc/squid/squid.conf
Add the following lines at the beginning of the file:
forwarded_for off
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access All deny all
Save and close the file then restart the Squid Proxy service to apply the configuration changes:
At this point, Squid Proxy is installed and configured with password based authentication. Now, it’s time to test the Squid Proxy server.
1. Go to the remote system, open the Mozilla web browser, and click on the Edit => Preferences:
2. Scroll down the page and click on the Settings under the Network Settings:
3. Select the Manual proxy configuration, type your Squid Proxy server IP address, Squid Proxy port, select the Use this proxy server for all protocols check box and click on the OK button to save the settings.
4. Now, open another tab in your web browser and type the URL https://www.whatismyip.com/. You will be asked to authenticate your Squid Proxy server:
5. Provide your username, password, and click on the Sign in button. Once you are authenticated successfully, you should see the Whatismyipaddress page:
Great effort! We have learned how to Install Squid Proxy on Debian 11 .
How to Install Squid Proxy on Debian 11
Conclusion
Squid is a web proxy cache which provides proxy and cache services for FTP, HTTP , SSL requests and DNS lookups. It does transparent caching to reduce bandwidth and improve response time by caching and reusing frequently requested web pages.
In this post, we explained how to install the Squid Proxy server on Debian 11. We also explained how to configure IP and password based authentication in Squid. For more advanced configuration, visit the Squid Proxy documentation page.
I am a fan of open source technology and have more than 10 years of experience working with Linux and Open Source technologies. I am one of the Linux technical writers for Cloud Infrastructure Services.