INTRODUCTION

How to Block Websites in Squid Proxy

Most of the Linux system admins want to install squid to give restricted internet access to their clients computers. In this short tutorial will look, how to block websites in squid proxy using ACL (Access Control List).

`

SOLUTION

We have couple of ways to block specific domain name in squid proxy server.

1) Block specif domain by creating ban list of bad websites.
2) Block specifying the domain name directly in the squid config file.

Create a file called ban_domains and then specify the path of this file in ACL to block websites in squid proxy.

Create file using vi editor

vi /etc/squid/ban_domains.txt

Add ban domains name line by line

www.youtube.com
www.facebook.com

save and exit.

Now add ACL to filter ulrs by checking our ban list and then deny access with http_access see below:

Edit squid configuration file

# vi /etc/squid/squid.conf

Add these lines in ACL Section

acl ban_domains dstdomain "/etc/squid/ban_domains.txt"
http_access deny ban_domains

save and exit

Restart squid service to apply changes

service squid restart

Now open up browser on client computer and point squid server IP in proxy settings with 3128 port. After adding ACL, Squid will start denying www.youtube.com.

deny sites in squid

You can get the same result by doing the following changes in squid.conf.

acl ban_domains dstdomain .facebook.com .youtube.com
http_access deny ban_domains

Note:- If you follow this guide correctly and still not able to block YouTube.com and Facebook.com, so you might be trying to block “HTTPS domains” e.g (https://youtube.com or https://facebook.com) using this method. This method will not work for HTTPS domains. To understand how squid handle HTTPS traffic and how we can block HTTPS traffic in squid transparent proxy, please follow below two guides:


If you like this Post, please give us your valuable feedback by pressing Vote Up / Vote Down Button. Thanks.

[thumbs-rating-buttons]


Similar Posts