About Linux FAQ

• So much to read, so little time! Read our FAQ to help you cut through the clutter of information overload. more »

• nixCraft welcomes readers' articles and guest blogging posts. We're interested in articles on programming, security, database, Linux and anything else related to technology.

Browse More FAQs:

• squid
• See all FAQ sections...

Squid deny users accessing a website

Q. How do I deny a user accessing particular website? For example block foo.com.

A. Squid cache is a popular open source web proxy server and web cache software.

It has a wide variety of uses, from speeding up a web server by caching repeated requests, to caching web, DNS and other network lookups for a group of people sharing network resources, to aiding security by filtering traffic.

Squid has powerful ACL (access control list). The primary use of the acl system is to implement simple access control.

How to deny a user from accessing particular site?

To block site called foo.com you need to add following two lines to your squid configuration file.
# vi /etc/squid/squid.conf

Search for `Access Controls' and append following two lines:
acl blocksites dstdomain .foo.com
http_access deny blocksites

Save and close the file. Restart Squid:
# /etc/init.d/squid restart

Let us say you would like to deny access for anyone who browses to a URL with the word "bar" in it. Append following ACL:
acl blockregexurl url_regex -i bar
http_access deny blockregexurl


Save and close the file.

Subscribe to our free e-mail newsletter or RSS feed to get all updates. You can Email this page to a friend.

Related Linux / UNIX FAQ:

• Apache restrict access based on IP address to selected directories
• Restrict ssh access using tcpd (TCPWrapper)
• Restrict certain users log onto a system via SSH server
• Linux: Openssh (ssh server) deny root user access
• Allow root account to use SSH (openssh)

Discussion on This FAQ

1. HackITLinux Says:
   January 7th, 2007 at 11:34 pm

   Block Unwanted Traffic…

   If you are managing a network connected to the internet with limited bandwidth, sometimes it makes sense to block unwanted traffic. To corporate or academic networks, blocking audio and video files are not uncommon. If you are like me,……

2. Maroon Says:
   January 22nd, 2007 at 8:46 am

   it’s out of subject! but related to SQuid.

   I need to know what is the best filesystem compatilbe with storeio? to get the best perfomance ever…

   one more questions about refresh_pattern anyone explain more to me about it…

   any help would be highly appreciated

   this squid is for caching onlu purpose and I’m looking to fine-tune it to get the best caching server ever.. thank you

3. Tek Bahadur Limbu Says:
   February 19th, 2007 at 8:40 am

   If you would like to experiment on Squid, the best file storage system for Squid would be COSS in my opinion. I am currently using ufs, aufs, diskd and coss in my squid servers. You have to compile Squid with the following options to enable all the storage systems: –enable-storeio=coss,ufs diskd null aufs

   Please see the great Squid FAQ at: http://wiki.squid-cache.org/SquidFaq/

   The default refresh-pattern should be good enough for almost any system:

   refresh_pattern ^ftp: 1440 20% 10080
   refresh_pattern ^gopher: 1440 0% 1440
   refresh_pattern . 0 20% 4320

   However if your needs are very specific, please see the default squid.conf for further details.

   Have a nice day !!

4. elvis Says:
   March 2nd, 2007 at 8:45 am

   hi,
   i setup squid on a win2003 server os.fine i got it working but my challenge now is getting it to do web filtering to restrict access to certain sites. my research on this brought me to this site and i have tried the methods described here with no success.pls can any one help me out with this? u could send ur reply to my email: uwa45@yahoo.com. if neccessary a squid conf file wld be appreciated so that i can cross check with what i did.
   Thanks for all ur help and support.

5. size limitetion for attachment Says:
   July 14th, 2007 at 7:50 am

   hi,
   I setup the squid in linux intigration of windows. we are useing more then 20 users every thinking is working fine, but i think due to trafic squid is working only a day after it is dead. i want to improve the stability (mean i want to do fine fuining)

   and i what restrict the users while attching file size to 1M maximem.

   pls do the needful

6. kulpreet Says:
   August 2nd, 2007 at 7:48 am

   Qiestion: How to configure sarg and squidGuard for squid servers to improve performance ?

7. Jv Says:
   January 29th, 2008 at 12:34 pm

   What r the solution for many no. of sites/domain blocking using above method?

8. Nandkishor Says:
   April 10th, 2008 at 9:47 am

   I have setup the transperant squid proxy to block some downloading & some urls.
   How to block or deny the online listening musics & videows. Like for url youtube.com

   Any Idea.

   Cheers,
   Nandkihosr

Leave a Reply

We encourage your comments, and suggestions. But please stay on topic, be polite, and avoid spam. Please do not use the comment form to ask for help / question. Ask your question on the excellent Linux tech support forum. Thank you very much for stopping by our site!

~ Last updated on: January 2, 2007

Would you like to...

• Print this page
• Email this page

Community

• Ask questions, share answers, and post your favorite Linux hacks, tips and tricks on the nixCraft forum.

Archives

• Select Month May 2008 April 2008 March 2008 February 2008 January 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006

more ~/options

• Hall of fame
• Sections
• About us
• Testimonials
• Donations
• Help
• Contact

nixCraft RSS Feeds

Copyright © 2006-2008 nixCraft. All rights reserved - TOS/Disclaimer - Privacy policy - Sitemap - Powered by Open source software.