You need to setup an acl on a squid proxy server to block Microsoft Internet Explorer or any other browser of your choice. This tutorials explains how to block [donotprint]
Tutorial details | |
---|---|
Difficulty | Easy (rss) |
Root privileges | Yes |
Requirements | Squid 3.x |
Time | 5m |
Warning: Please note that third-party browser add-ons or bots can alter the user-agent string on the client side itself. So the following may not work at all.
Syntax to block squid using User-Agent header
The acl syntax is as follows tn match on User-Agent header:
acl acl_name_here browser User_Agent_Here
Step 1: Edit squid.conf
Type the following command:
sudo vi /etc/squid/squid.conf
Step 2: Enable User-agent log in squid.conf
Make sure access_log set to combined (default is squid):
access_log daemon:/var/log/squid3/access.log combined
Step 3: Update/append acl
Local acl section and append the following configuration directives to your squid.conf file:
## block all version of MSIE ## acl block_browser browser MSIE http_access deny block_browser
It is also possible to block specific version or other browsers too:
acl block_bad_browser browser MSIE.9
acl block_bad_browser browser MSIE.10
acl block_bad_browser browser Firefox
acl block_bad_browser browser Chrome/38
http_access deny block_bad_browser
You can also use the following syntax which is very fast:
acl aclname req_header header-name [-i] regex
Save and close the file.
Step 4: Reload squid server
To reload Squid Proxy Server without restarting squid daemon, enter:
sudo /usr/sbin/squid -k reconfigure
Step 5: Test it
Here is a sample screen showing blocked browser:
Fig.01: Firefox is blocked using Squid 3.x
References
- Squid configuration directive acl documentation.
🐧 2 comments so far... add one ↓
Category | List of Unix and Linux commands |
---|---|
File Management | cat |
Firewall | Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04 |
Network Utilities | dig • host • ip • nmap |
OpenVPN | CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04 |
Package Manager | apk • apt |
Processes Management | bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time |
Searching | grep • whereis • which |
User Information | groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w |
WireGuard VPN | Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04 |
shouldn’t this read:
acl block_browser browser MSIE
http_access deny block_browser
Not:
acl block_browser browser MSIE
http_access deny block_browse
You left off the final “R”. I’m not trying to nit pick but I assume that the block_browser label should match on each line.
You also did the same thing for block_bad_browser in your second code segment.
Thanks for the heads up!