You need to setup an acl on a squid proxy server to block Microsoft Internet Explorer or any other browser of your choice. This tutorials explains how to block [donotprint]
| Tutorial details | |
|---|---|
| Difficulty | Easy (rss) |
| Root privileges | Yes |
| Requirements | Squid 3.x |
| Time | 5m |
ADVERTISEMENTS
Warning: Please note that third-party browser add-ons or bots can alter the user-agent string on the client side itself. So the following may not work at all.
Syntax to block squid using User-Agent header
The acl syntax is as follows tn match on User-Agent header:
acl acl_name_here browser User_Agent_Here
Step 1: Edit squid.conf
Type the following command:
sudo vi /etc/squid/squid.conf |
Step 2: Enable User-agent log in squid.conf
Make sure access_log set to combined (default is squid):
access_log daemon:/var/log/squid3/access.log combined |
Step 3: Update/append acl
Local acl section and append the following configuration directives to your squid.conf file:
## block all version of MSIE ## acl block_browser browser MSIE http_access deny block_browser |
It is also possible to block specific version or other browsers too:
acl block_bad_browser browser MSIE.9
acl block_bad_browser browser MSIE.10
acl block_bad_browser browser Firefox
acl block_bad_browser browser Chrome/38
http_access deny block_bad_browser |
You can also use the following syntax which is very fast:
acl aclname req_header header-name [-i] regex |
Save and close the file.
Step 4: Reload squid server
To reload Squid Proxy Server without restarting squid daemon, enter:
sudo /usr/sbin/squid -k reconfigure |
Step 5: Test it
Here is a sample screen showing blocked browser:
Fig.01: Firefox is blocked using Squid 3.x
References
- Squid configuration directive acl documentation.
🐧 Get the latest tutorials on SysAdmin, Linux/Unix, Open Source/DevOps topics:
- RSS feed or Weekly email newsletter
- Share to Twitter • Facebook • 2 comments... add one ↓
UP NEXT
How to install Firefox 59 Quantum on a Linux
How to install Squid Proxy Server on Ubuntu 20.04 LTS Linux
How To Listen Pandora In Europe Outside USA Using Proxy
How To Patch and Protect Linux Server Against the Glibc GHOST Vulnerability # CVE-2015-0235
CentOS 8 set up WireGuard VPN server
Debian / Ubuntu Linux: Install SquidGuard Web Filter Plugin For Squid 3.x To Block Unwanted Sites
Squid test config file for syntax errors
| Category | List of Unix and Linux commands |
|---|---|
| File Management | cat |
| Firewall | CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
| Network Utilities | dig • host • ip • nmap |
| OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
| Package Manager | apk • apt |
| Processes Management | bg • chroot • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
| Searching | grep • whereis • which |
| User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
| WireGuard VPN | CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
shouldn’t this read:
acl block_browser browser MSIE
http_access deny block_browser
Not:
acl block_browser browser MSIE
http_access deny block_browse
You left off the final “R”. I’m not trying to nit pick but I assume that the block_browser label should match on each line.
You also did the same thing for block_bad_browser in your second code segment.
Thanks for the heads up!