Free Proxy Server Using Squid Proxy

How To Setup Your Own Free Proxy Server Using Squid Proxy

I had few use cases to setup my own web proxy. One such use case is, API calls to few web services to get the pricing. So when ever I make an API call, it returns the value in my local currency. So I had to set up my own proxy server my desired country (On Cloud) and I make those API calls through that proxy. This way the I get the pricing response in the desired currency.

After some research, I have found squid proxy server to be a better fit for my needs. It is an open source forward proxy server with many functionalities. It is being used by many organizations for their forward proxy needs.

Free Proxy Server With Squid Proxy

In this blog, I will explain the step by step process to set up a free proxy server using Squid Proxy on the latest Ubuntu server.

Note: I have used Digital Ocean Cloud to deploy my proxy server. You can choose from many regions for your proxy setup. Also, you can get $100 free Digital Ocean credits from here.

Follow the steps given below for a working proxy server.

Step 1: Login to the server and update the package list.

Step 2: Install Squid Proxy server.

Step 3: Start and enable squid service to start on system boot.

Step 4: Verify the squid service status. You should be seeing the “active” status.

Squid Proxy Port

By default, squid runs on port 3128

You can check it using the following command.

Now we have a working squid proxy server. Next important step is to configure the squid proxy based on your needs.

Squid proxy configuration

If you are setting up squid proxy for your production environment, you have to make sure all the proxy configurations are set as per your needs.

The core settings of squid proxy are in /etc/squid/squid.conf

Squid proxy port

By default squid proxy runs on port 3128. If you are on cloud, make sure you allow 3128 in your firewall rules.

Also, you can change the default 3128 port to a custom port by editing the following configuration in the squid.conf file.

Proxying Internet Connectivity

The primary use case for most of us have is to connect to the internet through a proxy server.

If you want to connect to internet through your proxy, you need to configure ACLs (Access Control List) in your squid configuration.

Enable Squid ACLs for Internet Connectivity

By default, all the incoming connection to the proxy server will be denied. We need to enable few configurations for the squid server to accept connections from other hosts.

Open /etc/squid/squid.conf file.

Search for entry http_access allow localnet in the file. By default, it will be commented out. Uncomment it.

Next step is to add ACLs to the squid config file /etc/squid/squid.conf. ACL for localnet has the following format.

You can whitelist the source IP ranges in the following ways.

  1. Single IP [49.205.220.161]
  2. A range of IPs [0.0.0.1-0.255.255.255]
  3. CIDR range [10.0.0.0/28]

Based on your requirements you can add the localnet acl. For example, in my use case, I had to whitelist my home network. I found my home network public address using Find My IP service and whitelisted that in the ACL as shown below.

If you want to whitelist your private networks CIDR range, you can have the ACL like the following. Normally this kind of use cases comes when you set up a virtual network for your organization.

Note: You can add your ACL in the config file under the default ACLs are present. If you search for,ACLs all you will find the ACL default section. If you specify a CIDR private range, make sure the proxy is in the same private network.

Here is the ACL I added to my squid server.

Test Proxy Connectivty

To test the proxy connectivity for internet from your specified ACL source, you can use the following curl command syntax which should return a 200 OK response code.

Output would like the following.

Setup Squid Proxy Authentication

The previous method would allow anonymous proxy usage. To prevent this, you can set up proxy authentication using a username and password.

Step 1: Install apache utils.

Step 2: Create a passwd file and change the ownership to proxy user.

Step 3: Create a user named proxyuser user using the following command. It will prompt for a password. Provide a secure password.

Step 4: Open the squid.conf file.

Step 5: Add the following content to the file.

Step 6: Restart Squid server for the changes to take place.

Test squid proxy authentication

Test squid proxy authentication using curl. You can use the following syntax.

For example,

You will see the following error if authentication details are not passed properly.

Blocking Websites Using Squid Proxy

Another key use case of a squid proxy is to block certain websites being accessed . In this section we will look in to the steps to configure a website block list.

Step 1: Create a block list file named proxy-block-list.acl

Step 2: Add the websites that has to blocked to the file as shown below.

Note: Make sure you do not have any http_access allow all rules above the block list rule. It will take precedence and the block list will not work.

Step 3: Open the squid configuration file.

Step 4: Add the following lines above the ACLs we have added in the previous steps.

Step 5: Restart the squid server.

Test Squid Proxy Blocker Websites

Now if you try to access the websites which are in the block list, you will get a 403 error as shown below.

Using Squid Proxy

You can use squid proxy in the following ways.

For Web Browsing

You can use squid proxy endpoint as your browser proxy. Each browser has its own proxy settings. You can add the proxy IP, port and authentication details if enabled.

For Applications

If you have applications running on a private network and you want to connect to the internet for specific calls, you can use the proxy endpoint to route that outbound internet traffic.

Blocking Unwanted Website Access

Organizations use a proxy server to limit access to certain unwanted websites.

Conclusion

Squid proxy offers a variety of solution as a forward proxy. It is a best free proxy server software. Its implementation depends on your architecture and design. And, if you want to learn and manage squid proxy by yourself then check out this hands-on course.

About

Cloud Computing Tutorial Blog