FreeKB - Squid Proxy Server Allow certain domains or IP addresses
Squid Proxy Server - Allow certain domains or IP addresses

Lets say we want to permit access to most every website on the Internet, but deny certain websites. Create a file named blocked_sites.

touch blocked.sites

 

Add the sites to be blocked to the blocked_sites file.

www.example.com

 

Add the following in /etc/squid/squid.conf or /etc/squid3/squid.conf:

acl blocked_sites dstdomain "/etc/squid/blocked.sites"
http_access deny blocked_sites

 

The ps command can be used to determine if your system is using init or systemd. If PID 1 is init, then you will use the service command. If PID 1 is systemd, then you will use the systemctl command.

If your system is using systemd, use the systemctl command to start and enable squid.

systemctl enable squid 
systemctl start squid 
systemctl status squid 

 

If your system is using init, use the chkconfig and service commands to start and enable squid.

chkconfig squid on
service squid start
service squid status

 

www.example.com should now produce the following:

 


Access can also be denied for certain keywords. Create a file named blocked_keywords.

touch blocked.keywords

 

Add the sites to be blocked to the blocked_sites file.

porn
pornography

 

acl blocked_keywords url_regex -i "/etc/squid/blocked.keywords"
http_access deny blocked_keywords

 

If your system is using systemd, use the systemctl command to start and enable squid.

systemctl enable squid 
systemctl start squid 
systemctl status squid 

 

If your system is using init, use the service command to start and enable squid.

service squid enable
service squid start
service squid status

Porn websites should now produce the following:

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter 8b463 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |