Hello, I’m currently trying to set up a Squid proxy server on my Ubuntu machine and I’d like to use SquidGuard to implement URL filtering. However, I’m not exactly sure how to go about configuring Squid to work with SquidGuard.
From my understanding, I need to integrate Squid and SquidGuard in such a way that the Squid proxy forwards all incoming requests to SquidGuard first. SquidGuard should then apply its URL filtering rules, block inappropriate content, and allow everything else to pass through.
Here’s what I’ve done so far:
-
I’ve successfully installed and started Squid on my machine and it’s currently running with the default configuration. I can use it as a basic proxy without any issues.
-
I’ve installed SquidGuard using
sudo apt-get install squidguardand it’s also running with the default configuration.
However, I’m stuck at how to configure both to work together. Specifically, I’m unsure about:
- How to tell Squid to forward requests to SquidGuard for URL filtering?
- What changes should be made in the
squid.confandsquidGuard.conffiles to integrate both? - How to create custom filtering rules in SquidGuard?
Any help with these would be highly appreciated. Also, if anyone can provide an example squid.conf and squidGuard.conf configuration that works with URL filtering, that would be great.
Thank you.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Heya,
Here’s a basic guide on how you can integrate Squid and SquidGuard.
First, let’s configure Squid to use SquidGuard.
Open the Squid configuration file. It’s typically located at /etc/squid/squid.conf.
- sudo nano /etc/squid/squid.conf
Add the following lines to the file. This will tell Squid to use SquidGuard as a URL rewriter:
url_rewrite_program /usr/bin/squidGuard
Next, let’s configure SquidGuard.
Open the SquidGuard configuration file. It’s typically located at /etc/squidguard/squidGuard.conf.
sudo nano /etc/squidguard/squidGuard.conf
In this file, you can define access control lists (ACLs) and redirect rules. Here’s an example configuration:
dbhome /var/lib/squidguard/db
logdir /var/log/squidguard
dest block {
domainlist block/domains
urllist block/urls
}
acl {
default {
pass !block all
redirect http://localhost/block.html
}
}
This configuration blocks the domains and URLs listed in the block/domains and block/urls files. All blocked requests are redirected to http://localhost/block.html.
Create the block blacklist and populate the domains and urls files:
sudo mkdir /var/lib/squidguard/db/block
echo "badwebsite.com" | sudo tee /var/lib/squidguard/db/block/domains
echo "badurl.com/badcontent" | sudo tee /var/lib/squidguard/db/block/urls
Update SquidGuard’s blacklist database:
- sudo squidGuard -C all -d
Change the ownership of the SquidGuard db directory to the proxy user (usually proxy or squid):
- sudo chown -R proxy:proxy /var/lib/squidguard/db
- sudo systemctl restart squid
That’s it! Now, Squid should be using SquidGuard for URL filtering. Remember to replace "badwebsite.com" and "badurl.com/badcontent" with the actual domains and URLs you want to block. Also, replace "http://localhost/block.html" with the actual URL where you host your block page.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.