HowTo Block Internet Explorer Browser With Squid Proxy Server on a Linux/Unix Server

Author: Vivek Gite Last updated: May 4, 2015 2 comments

I want to block Internet Explorer (MS-IE) browser on a squid proxy server running on a Linux or Unix-like systems. How can I block IE on a squid proxy server version 3.x?

You need to setup an acl on a squid proxy server to block Microsoft Internet Explorer or any other browser of your choice. This tutorials explains how to block [donotprint]

Tutorial details
Difficulty	Easy (rss)
Root privileges	Yes
Requirements	Squid 3.x
Time	5m

[/donotprint] Internet Explorer browsers with Squid proxy running on a Ubuntu Linux and CentOS Linux version 6.x server. This is also useful to fix an known vulnerability coming from a specific version of browser. Please note the following acl based on user-agents and it can be spoofed easily.

Warning: Please note that third-party browser add-ons or bots can alter the user-agent string on the client side itself. So the following may not work at all.

Syntax to block squid using User-Agent header

The acl syntax is as follows tn match on User-Agent header:

acl acl_name_here browser User_Agent_Here

Step 1: Edit squid.conf

Type the following command:

sudo vi /etc/squid/squid.conf

Step 2: Enable User-agent log in squid.conf

Make sure access_log set to combined (default is squid):

access_log daemon:/var/log/squid3/access.log combined

Step 3: Update/append acl

Local acl section and append the following configuration directives to your squid.conf file:

## block all version of MSIE ## 
acl block_browser browser MSIE
http_access deny block_browser

It is also possible to block specific version or other browsers too:

acl block_bad_browser browser MSIE.9
acl block_bad_browser browser MSIE.10
acl block_bad_browser browser Firefox
acl block_bad_browser browser Chrome/38
http_access deny block_bad_browser

You can also use the following syntax which is very fast:

acl aclname req_header header-name [-i] regex

Save and close the file.

Step 4: Reload squid server

To reload Squid Proxy Server without restarting squid daemon, enter:

sudo /usr/sbin/squid -k reconfigure

Step 5: Test it

Here is a sample screen showing blocked browser:

Fig.01: Firefox is blocked using Squid 3.x

References

Squid configuration directive acl documentation.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 2 comments so far... add one ↓

Related Tutorials

Category	List of Unix and Linux commands
File Management	cat
Firewall	Alpine Awall • CentOS 8 • OpenSUSE • RHEL 8 • Ubuntu 16.04 • Ubuntu 18.04 • Ubuntu 20.04
Network Utilities	dig • host • ip • nmap
OpenVPN	CentOS 7 • CentOS 8 • Debian 10 • Debian 8/9 • Ubuntu 18.04 • Ubuntu 20.04
Package Manager	apk • apt
Processes Management	bg • chroot • cron • disown • fg • jobs • killall • kill • pidof • pstree • pwdx • time
Searching	grep • whereis • which
User Information	groups • id • lastcomm • last • lid/libuser-lid • logname • members • users • whoami • who • w
WireGuard VPN	Alpine • CentOS 8 • Debian 10 • Firewall • Ubuntu 20.04

2 comments… add one

Daniel May 3, 2015 @ 23:25

shouldn’t this read:
acl block_browser browser MSIE
http_access deny block_browser

Not:
acl block_browser browser MSIE
http_access deny block_browse

You left off the final “R”. I’m not trying to nit pick but I assume that the block_browser label should match on each line.
You also did the same thing for block_bad_browser in your second code segment.

Reply Link
- 🐧 Vivek Gite May 4, 2015 @ 6:17
  
  Thanks for the heads up!
  
  Reply Link

Use HTML <pre>...</pre> for code samples. Problem posting comment? Email me @ webmaster@cyberciti.biz