Setup Squid as a HTTP proxy to browse blocked web sites!

by Ruchira on January 4, 2011

Have you ever worried about your government,workplace,school or ISP limitations for web sites? Are you behind Great firewall of china? are you worried about browsing speeds with overloaded or slow web proxy services?

HTTP proxies are the best solution for you. And with squid cache you can make a nice HTTP proxy for your personal or family use.

In my case I have tried SSH SOCKS5 method for access blocked sites but I feel it too slow because connection is encrypted but its so secure than HTTP proxy.

But I don’t need much security like SOCKS5 offer So I have decided to setup squid as a proxy server for my personal use. And felt that its delivering blazing fast speed as same as I’m browsing without proxies.

So now all my firefox traffic is going through HTTP Squid proxy running on UK 512MB XEN box that I had spare and I don’t thinking about going back to normal no proxy mode because speed is same as no proxy.

So here is my guide to setup squid as a proxy server on ubuntu or debian for you!

What you will need-

  • A VPS or dedicated server with minimum ram of 64MB (64MB of ram will be enough because squid doesn’t eat much ram)
  • Debian or Ubuntu installed on your server
  • NANO text editor installed on your server ( run “apt-get install nano” to install it if you dont have it already)

Steps-

Install squid on your ubuntu or debian server, issue this command over SSH

 apt-get install squid

Then squid is successfully installed and you need to setup squid to access internet because its currently set only for localhost

squid’s config file is huge so we need to find some lines using nano on squid config file.

Issue this commands to open squid config file with NANO text editor.

nano /etc/squid/squid.conf

squid config Setup Squid as a HTTP proxy to browse blocked web sites!

On there we need to add 2 lines to configure this for our personal use.

You can add then on top of the page. those 2 lines are

http_access allow all

http_access allow localnet

Here is the squid.conf file after adding that 2 lines

squid modified conf Setup Squid as a HTTP proxy to browse blocked web sites!

So that’s it on server side. Restart squid to load our configuration.

 restart squid

Like I said previously on this guide I’m not focused on setting up security for squid like adding ACL (Access Control Lists) to prevent other users using your proxy etc.

But this is 1000 times better than setting up a php web based proxy to browse the web.

While server side setup complete we need to setup our web browsers to use our proxy. I think you are probably using firefox to browse the web so here is the configuration for firefox for other programs you can use the same.

On firefox navigate to Tools=>Options=>Advanced=>Network=>Settings=>Manual Proxy Configuration

On that page enter your IP address that squid is installed and port as 3128 because we didn’t changed the default squid port. Also click the checkbox “Use this proxy server for all protocols”

firefox settings Setup Squid as a HTTP proxy to browse blocked web sites!

Thats it! icon smile Setup Squid as a HTTP proxy to browse blocked web sites!

Note that

  • We didn’t setup Access Control Lists so any one who knows your squid server ip address and port can use your proxy.
  • When choosing a server for setting up squid for your use try to get a server which gives lowest ping times for your location which will help you to browse more fast.
I'm Ruchira Sahan and all posts on this blog are completely my thoughts and writings. I love DIY and Technology. So feel free to contact me for anything about this blog and don't forget to add a comment if this blog helped you! Thanks
 Setup Squid as a HTTP proxy to browse blocked web sites!
Ruchira
View all posts by Ruchira

Last 5 posts by Ruchira

  • http://www.myarcade.ws/ Marl

    Looks easy. :)

    Hmm.. How about stopping squid when not in use, will that make it secure?

    • http://www.ruchirablog.com Ruchira

      Yes if you stopped it nothing will happen! And also I said im not focused about security is not server security,bugs etc.
      I said in this setup anyone can use your proxy if they know your ip and port. Thats the only drawback.

      • http://www.myarcade.ws/ Marl

        hey man I just tried this today, but after adding that two lines above “http_acess…” I have this error when restarting :

        Restarting Squid HTTP proxy: squid2011/02/07 23:49:08| ACL name ‘all’ not defined!
        FATAL: Bungled squid.conf line 1: http_access allow all
        Squid Cache (Version 2.7.STABLE3): Terminated abnormally.
        failed!

        How to fix this?

        • http://www.ruchirablog.com Ruchira

          IMEI: 359945034016272

          Unlock: 38480412
          Flash: 48406212

        • Sonic

          I got same problem, how to fix this?

  • niroshan

    Dear ruchira

    This is too technical for me
    I need something that will allow me to use skype to chat with my family…
    skype is blocked in the country i work
    Thanks

    • http://www.ruchirablog.com Ruchira

      best thing is buy a VPN account!

  • Muhammad Nur Husni

    Very nice………

  • Brad

    This helped me alot… thanks for your excellent guide!

  • Joel

    This is not a solution for people living in China, like myself. The connection between the client and the proxy is not encrypted so traffic is easily filtered by China’s Great Firewall. I have tested it myself and pages normally blocked, like Facebook and Youtube, still failed to load.

    A better solution is to signup for a VPS (outside China) and then initiate a secure SOCKS proxy tunnel via SSH, by running this shell command on your PC:
    ssh -D 9999 @ -C
    ‘-D’ sets up the SOCKS proxy and ‘-C’ enables compression (hopefully making it faster)

    However the best solution is to use a VPN service because the solution above unfortunately does not handle DNS requests (DNS operates on UDP and SOCKS only handles TCP). Instead, DNS requests will be sent to your Chinese internet provider rather than over the SSH tunnel. Chinese Internet providers have been known to poison DNS records so they simply can’t be trusted.

    Unfortunately the Chinese government has started to block more and more commercial VPN services, so I recommend setting up your own OpenVPN server on your VPS.

  • Dexter

    Hi,

    facebook is blocked by isp, i have installed squid on a remote server and configured it on my browser as you mention on this blog, but when i am browsing facebook.com I am being redirected to following URL.

    http://221.120.206.52/?blocked-page

    Any help would be appreciated.

    • http://www.ruchirablog.com Ruchira

      looks like there is a configuration problem. is that the same error that you are getting when you arent using the proxy?

  • Dexter

    Oh looks like the problem is with chrome, it is working fine on IE.

  • John

    The instructions in this guide are DANGEROUS and INSECURE. DO NOT use this guide. An open HTTP proxy is vulnerable to hackers and bots that are constantly scanning for insecure proxies to exploit.

    • http://www.ruchirablog.com Ruchira

      yes anyone can use this proxy if they get to know the ip and port. But did you read the article to the bottom? I have warned about it

  • pandadada…

    The wall of our great country is so famous …

Previous post:

Next post: