Squid is a Linux-based proxy application. Like most proxy servers, it can be used for filtering traffic, security, and DNS lookups. Also, Squid can also speed up a web server by caching resources.

The Squid Proxy allows a server to cache frequently visited web pages. When the user requests a web page or file, the request goes to the proxy server — an intermediary device between the user’s device and the internet. The proxy server pulls resources and relays them to the user.

This guide will walk you thru you setting up and installing Squid Proxy on Ubuntu.


  • An Ubuntu operating system
  • Access to a terminal window / command line (Ctrl-Alt-T)
  • A user account with root or sudo privileges


  • The apt package installer, included by default
  • A text editor, such as nano

Step 1: Refresh the Software Repositories

Launch a terminal window, and enter the following:

sudo apt-get update

This ensures you’re working with the latest software version available.

Step 2: Install Squid Package

Enter the following:

sudo apt-get install squid

The system should prompt for confirmation – enter Y and allow the process to complete.

Step 3: Working with the Squid Service

You can check the status of your Squid software by entering:

sudo systemctl status squid

This will tell you whether the service is running or not.

To start the service enter:

sudo systemctl start squid

Then set the Squid service to launch when the system starts by entering:

sudo systemctl enable squid

You can re-run the status command now to verify the service is up and running.

Note: If you need to stop the service, enter the following:

sudo systemctl stop squid

To prevent Squid from launching at startup, enter:

sudo systemctl disable squid

Step 4: Basic Squid Configuration

The Squid configuration file is found at /etc/squid/squid.conf.

Open this file in your text editor:

sudo nano /etc/squid/squid.conf

Navigate to find the http_port option. Typically, this is set to listen on Port 3218. This port usually carries TCP traffic. If your system is configured for traffic on another port, change it here.

You may also set the proxy mode to transparent if you’d like to prevent Squid from modifying your requests and responses.

Change it as follows:

http_port 1234 transparent

Navigate to the http_acacess deny all option. This is currently configured to block all HTTP traffic. This means no web traffic is allowed.

Change this to the following:

http_access allow all

Navigate to the visible_hostname option. Add any name you’d like to this entry. This is how the server will appear to anyone trying to connect. Save the changes and exit.

Restart the Squid service by entering:

sudo systemctl restart squid

Step 5: Additional Configuration Options

Create an ACL

Note: after each of these steps, you should save and exit, then restart the Squid service to apply the new configuration.

Create an access control list by editing the squid.conf file again, as in Step 4.

Add a new line as follows:

acl localnet src

This will create a rule that only allows the system at this IP address to connect. It is recommended that you comment the line to identify the rule:

acl localnet src # test computer

Anything after the # sign is ignored by Squid.

You can specify a range of IP address as follows:

acl localnet src

Open Ports

To open a specific port, add the following:

acl Safe_ports port 123 # Custom port

Configure Proxy Authentication

This forces users to authenticate to use the proxy.

Start by installing apache2-utils:

sudo apt-get install apache2-utils

Create a passwd file, and change the ownership to the Squid user proxy:

sudo touch /etc/squid/passwd

sudo chown proxy: etc/squid/passwd

Add a new user and password

sudo htpasswd /etc/squid/passwd newuser

The system will prompt you to enter and confirm a password for newuser.

Edit the /etc/squid/squid.conf file, and add the following command lines:

auth_param basic program /usr/lib64/squid/basic_ncsa_auth /etc/squid/passwd

auth_param basic children 5

auth_param basic realm Squid Basic Authentication

auth_param basic credentialsttl 2 hours

acl auth_users proxy_auth REQUIRED

http_access allow auth_users

Step 6: Block Websites and Keywords

Create and edit a new text file /etc/squid/blocked.acl by entering:

sudo nano /etc/squid/blocked.acl

In this file, add the websites to be blocked, starting with a dot:

Note: The dot specifies to block all subsites of the main site.

Open the /etc/squid/squid.conf file again:

sudo nano /etc/squid/squid.conf

Add the following lines just above your ACL list:

acl blocked_websites dstdomain “/etc/squid/blocked.acl”

http_access deny blocked_websites

Step 7: Configure the Client to Use Squid Proxy

All this configuration has been to set up your Squid proxy server. Now, switch to your client machine and open your web browser.

If you’re using Firefox, you can find the proxy settings under:

Menu > Options > Network Settings > Settings

Tick the radio button for Manual proxy configuration.

If you entered a hostname in Step 4, you should be able to enter that name plus the port you designated. Otherwise, use the IP address for the system hosting your Squid proxy.

To test, you can visit – if your proxy is working, your IP address should display as the proxy server’s IP address.


If you’ve followed along, you should have a basic understanding of how Squid works, and how to install and configure a Squid Proxy on Ubuntu.

Proxy servers are a valuable tool for securing network traffic, preventing attacks and restricting access.