Last updated on May 25th, 2018 at 09:22 pm
How to Block Websites in Squid Proxy
Most of the Linux system admins want to install squid to give restricted internet access to their clients computers. In this short tutorial will look, how to block websites in squid proxy using ACL (Access Control List).
We have couple of ways to block specific domain name in squid proxy server.
1) Block specif domain by creating ban list of bad websites.
2) Block specifying the domain name directly in the squid config file.
Create a file called ban_domains and then specify the path of this file in ACL to block websites in squid proxy.
Create file using vi editor
Add ban domains name line by line
save and exit.
Now add ACL to filter ulrs by checking our ban list and then deny access with http_access see below:
Edit squid configuration file
# vi /etc/squid/squid.conf
Add these lines in ACL Section
acl ban_domains dstdomain "/etc/squid/ban_domains.txt" http_access deny ban_domains
save and exit
Restart squid service to apply changes
service squid restart
Now open up browser on client computer and point squid server IP in proxy settings with 3128 port. After adding ACL, Squid will start denying www.youtube.com.
You can get the same result by doing the following changes in squid.conf.
acl ban_domains dstdomain .facebook.com .youtube.com http_access deny ban_domains
Note:- If you follow this guide correctly and still not able to block YouTube.com and Facebook.com, so you might be trying to block “HTTPS domains” e.g (https://youtube.com or https://facebook.com) using this method. This method will not work for HTTPS domains. To understand how squid handle HTTPS traffic and how we can block HTTPS traffic in squid transparent proxy, please follow below two guides:
If you like this Post, please give us your valuable feedback by pressing Vote Up / Vote Down Button. Thanks.
I am Hafiz Haider, co-founder of BroExperts.com. A Computer Geek and a certified Linux enthusiast (RHCE, RHCSA), who strongly believes in sharing knowledge.. You can reach me at firstname.lastname@example.org.