How to set up an HTTP proxy server on Ubuntu 20.04

Walid Rashed

Walid Rashed / February 01, 2022

5 min read

In this blog post, I will demonstrate how to install and configure Squid Proxy on Ubuntu 20.04.

Introduction

About Squid Proxy

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator. It runs on most available operating systems, including Windows, and is licensed under the GNU GPL.

Prerequisites

To complete this guide, you will need:

  • A Ubuntu 20.04 installed VPS or dedicated server.
  • Root user access or normal user with administrative privileges.

Installing Squid Proxy on Ubuntu

Step 1 - Installing Squid Proxy

First, log in using the ssh command or use your favorite SSH client like Putty:

ssh user@your-server-ip

Next, update and upgrade your system using the apt commands:

sudo apt update
sudo apt upgrade

then, run the below command to install Squid Proxy:

sudo apt install squid

After the installation, Squid will automatically set up a background service and starts running, you can verify this by executing the following command:

sudo systemctl status squid

You can also manually enable and start Squid service by executing the following commands:

sudo systemctl enable squid
sudo systemctl start squid

Step 2 - Configuring Squid Proxy

the Squid Proxy's configuration file is located at /etc/squid/squid.conf,
By default, Squid does not allow any clients to connect to it from outside of this server. we will configure it to be public and let other clients use it.

First, we will create a backup copy from the original configuration file:

sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.BAK

Then, we will open the configuration file using nano editor:

sudo nano /etc/squid/squid.conf

What is really annoying about Squid’s default configuration file is its very long file, and contains a massive number of options that have been temporarily disabled (commented out) by putting a # at the start of the line they’re on, You probably need to search through the file to find the lines you want to edit. In nano, you can do this by pressing Ctrl+W, entering your search term, pressing Enter, and then repeatedly pressing Alt+W to find the next instance of that term if needed. with that being said now let's start configuring it.

By default, squid is set to listen on TCP port 3128 on all network interfaces on the server. You can change it to use another port or leave it as default.

.env.local
http_port 3128

Next, find a line containing the phrase http_access deny all.

. . .
#
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
include /etc/squid/conf.d/*
# Example rule allowing access from your local networks.
# Adapt localnet in the ACL section to list your (internal) IP networks
# from where browsing should be allowed
#http_access allow localnet
http_access allow localhost

# And finally deny all other access to this proxy
http_access deny all
. . .

Since we want to make the Proxy Server available for public use, We change the line http_access deny all to http_access allow all, in case you are on the same network with the server and want the proxy server to be available only localy instead you can leave the http_access deny all and instead uncomment http_access allow localnet to make the proxy server available only to your local network.

After that, you can finally restart the Squid service for your configuration to take place. This might take a moment to complete:

sudo systemctl restart squid
Output
● squid.service - Squid Web Proxy Server
     Loaded: loaded (/lib/systemd/system/squid.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2022-01-31 21:28:27 UTC; 17h ago

Step 3 - Allowing Squid Proxy's port number by the firewall

Finally, we can now use the Squid Proxy using the server IP and the port that we set in the Squid configuration file but make sure that you have that port is allowed by your firewall.

We can open manage our firewall easily using firewall-cmd administrative tool, start by installing it in case you don't have it installed:

sudo apt install firewalld

After the installation, open the Squid Proxy port number, in the bellow command we open the default port number, don't forget to use open the port number that you set inside the Squid configuration file!

sudo firewall-cmd --zone=public --permanent --add-port=3128/tcp

Conclution

That's it, now you have your own Proxy server, In this tutorial blog, you learned how to install, set up, and deploy Squid Proxy server for public internet access on Ubuntu Linux 20.04 LTS, make sure to refer back to Squid server's documentation to know more about the full potentials of the Squid Proxy!.