Squid Proxy with SquidGuard: How to Implement Content Filtering

Squid Proxy with SquidGuard: How to Implement Content Filtering. In this tutorial, we introduce SquidGuard, then outline main advantages. Swiftly, we will follow onto steps how to implement content filtering using SquidGuard and Squid.

URL reroute software like SquidGuard is a game changer if you run a business, work in marketing, or do SEO and want to make sure your users never get a 404 error message again.

Licensed under the General Public License, the program is used forever and without cost, commitment, or limit on the number of computers or people that access it. In addition, the software’s source code is available for anybody to view, analyse, alter, and share under the terms of the license.

SquidGuard requires Linux or Unix server systems to be installed, but it may be expanded to include all endpoints, including Windows and Mac PCs. This URL redirector software is one of the most adaptable and quick tools available online, so let’s take a closer look at it.

What is SquidGuard?

Firstly, SquidGuard is a web content filtering software that works in conjunction with Squid. Multiple “blacklists” of insecure websites are included. These are customizable. The program is very adaptable, letting administrators modify the block pages as they see fit and integrate with other security systems. When it comes to web filtering, SquidGuard is a tried and true tool that has helped many businesses keep their networks secure and their employees productive.

If a user tries to visit a blocked website, they are sent to a page with a warning or notice. All authorized users’ Internet activity may be compiled in reports by SquidGuard and Squid.

Users are given the freedom to establish a broad variety of network access rules, making it perfectly suited for managing networks of any size.

Features of SquidGuard

SquidGuard is a software application that provides advanced URL filtering and access management. Its features comprise:

  • Squidguard uses blacklists to limit access to certain websites and specify redirection URLs. We may either make our own blacklist from scratch or utilize one of the ones that already exist.
  • Free and open source, Squidguard is a powerful and versatile web filtering application.
  • SquidGuard supports both Unix and Linux setups.
  • Allows to define a wide variety of access rules, such as restricting users’ access to a specific set of web servers, blocking sites based on the presence or absence of certain words or phrases, sending unregistered users to a registration page, and so on.
  • SquidGuard’s extensive reporting and logging features make it easy for administrators to keep tabs on user behavior and spot security flaws.
  • It is offered in several languages, so people from all over the world can use it.
  • SquidGuard’s minimal memory and CPU requirements and great performance make it ideal for widespread deployment.
  • Its database size is virtually irrelevant given that it can handle 100,000 queries in 10 seconds.

Squid Proxy with SquidGuard: How to Implement Content Filtering

In this section, you learn how to install and use Squid and SquidGuard together to implement content filtering.

Getting Started

Before setting up SquidGuard, you need to upgrade all your system packages to the latest version. Upgrade them by running the following command.

				
					apt update -y
apt upgrade -y

				
			

Once all the default system packages are in the latest version, proceed to install the Squid proxy server.

Install Squid Proxy

By default, the latest version of Squid is included in the Ubuntu default repository. Install it with the following command.

				
					apt install squid -y
				
			

After installing Squid packages, start the Squid service and enable it to start at system reboot.

				
					systemctl start squid
systemctl enable squid
				
			

Now verify the Squid status using the following command.

				
					systemctl status squid
				
			

You see the Squid running status on the following screen.

By default, Squid listens on port 3128. Verify it using the following command.

				
					ss -antpl | grep -i squid
				
			

This  shows you the Squid listening port in the following output.

				
					
LISTEN 0      256                *:3128            *:*    users:(("squid",pid=1567,fd=12))         

				
			

Install SquidGuard

By default, the SquidGuard package is included in the Ubuntu default repository. You can install it using the following command.

				
					apt install squidguard -y
				
			

Once the SquidGuard is installed, you can verify its version with the following command.

				
					squidGuard -v
				
			

You will see the following output.

				
					SquidGuard: 1.6.0 Berkeley DB 5.3.28: (September  9, 2013)
				
			

To see the list of all options available with SquidGuard, run the following command.

				
					squidGuard -h
				
			

You should see the SquidGuard help information on the following screen.

Configure SquidGuard for Content Filtering

By default, the SquidGuard store its configuration file at /etc/squidguard/squidGuard.conf. It is a good idea to backup the original configuration file and create a new configuration file for SquidGuard.

First, backup the original configuration file with the following command.

				
					mv /etc/squidguard/squidGuard.conf /etc/squidguard/squidGuard.conf.bk
				
			

Next, create a new SquidGuard configuration file.

				
					nano /etc/squidguard/squidGuard.conf
				
			

Add the following configuration.

				
					dbhome /var/lib/squidguard/db
logdir /var/log/squidguard
dest deny {
    # define [deny] category for prohibited domain
    domainlist deny/domains
    # define [deny] category for prohibited URL
    urllist deny/urls

}
acl {
    default {
        # permit all except [deny] category
        pass !deny all

    }
}

				
			

Save and close the file when you are done. Then, create a deny directory that you have defined in the configuration file.

				
					mkdir /var/lib/squidguard/db/deny
				
			

Next, create a domains file using the following command.

				
					nano /var/lib/squidguard/db/deny/domains
				
			

Add the list of all domains that you want to block.

				
					google.com
facebook.com

				
			

Save and close the file then create a urls file.

				
					nano /var/lib/squidguard/db/deny/urls
				
			

Add the list of all website urls that you want to block.

				
					www.google.com
https://www.facebook.com/
				
			

Save and close the file then update the SquidGuard database using the following command.

				
					squidGuard -C all -d
				
			

You will see the following screen.

To check the SquidGuard log, run the following command.

				
					tail -f /var/log/squidguard/squidGuard.log 
				
			

This will show you the SquidGuard log in the following output.

				
					2023-06-16 05:18:33 [3288] INFO: New setting: dbhome: /var/lib/squidguard/db
2023-06-16 05:18:33 [3288] INFO: New setting: logdir: /var/log/squidguard
2023-06-16 05:18:33 [3288] init domainlist /var/lib/squidguard/db/deny/domains
2023-06-16 05:18:33 [3288] INFO: loading dbfile /var/lib/squidguard/db/deny/domains.db
2023-06-16 05:18:33 [3288] init urllist /var/lib/squidguard/db/deny/urls
2023-06-16 05:18:33 [3288] INFO: loading dbfile /var/lib/squidguard/db/deny/urls.db
2023-06-16 05:18:33 [3288] INFO: squidGuard 1.6.0 started (1686892713.168)
2023-06-16 05:18:33 [3288] INFO: squidGuard ready for requests (1686892713.171)

				
			

Next, change the ownership of the SquidGuard with the following command.

				
					chown -R proxy. /var/lib/squidguard /var/log/squidguard
				
			

Configure Squid to Use SquidGuard

At this point, SquidGuard is installed and configured. Now, you will need to configure your Squid server to use the SquidGuard for content filtering. Configure it by editing the Squid main configuration file.

				
					nano /etc/squid/squid.conf
				
			

Scroll down and go to the line number 850 then add the following line.

				
					url_rewrite_program /usr/bin/squidGuard
				
			

Save and close the file then restart the Squid service to implement the changes.

				
					systemctl restart squid
				
			

Configuring Firefox to Use Squid

At this point, both Squid and SquidGuard are configured to work together. Now, you will need to configure your web browser to use the Squid proxy. Go to the client machine, open the Firefox web browser and click on the menu >> Preferences. You should see the following screen.

Scroll down the page and click on the Settings button. You should see the Proxy setting screen.

Define your Squid proxy IP, Port and click on the OK button to save the changes. Now, try to browse the www.google.com in your web browser. We already block google.com, so you can now access it, and will give you the following error page.

Did you enjoy reading Squid Proxy with SquidGuard: How to Implement Content Filtering? We really hope so! Your knowledge has been broadened. Thank you  

Squid Proxy with SquidGuard: How to Implement Content Filtering Conclusion

In this guide, we introduced SquidGuard and its capability. Also, we have installed and configured SquidGuard on the server. We then, navigated through steps how to configure Squid to use SquidGuard for content filtering. I hope this will help you to implement content filtering in your local network.

Organizations may benefit from SquidGuard, a sophisticated and adaptable web filtering solution since it allows them to restrict user access to malicious websites and other online content. Businesses and institutions that need to monitor and control user behavior will find its sophisticated capabilities indispensable.

Avatar for Hitesh Jethva
Hitesh Jethva

I am a fan of open source technology and have more than 10 years of experience working with Linux and Open Source technologies. I am one of the Linux technical writers for Cloud Infrastructure Services.

0 0 votes
Article Rating
Subscribe
Notify of
0 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x