How to: Linux / UNIX setup Squid Proxy authentication

Q. I’m using Squid Cache Version 2.6.STABLE. It is configured perfectly and I’d like to know how do I allow squid to only authenticated users?

A. Squid can authenticate users if squid is configured to use proxy_auth ACLs. Browsers send the user’s authentication credentials in the Authorization request header. If Squid gets a request and the http_access rule list gets to a proxy_auth ACL, Squid looks for the Authorization header. If the header is present, Squid decodes it and extracts a username and password.

If the header is missing, Squid returns an HTTP reply with status 407 (Proxy Authentication Required). The user agent (browser) receives the 407 reply and then prompts the user to enter a name and password. The name and password are encoded, and sent in the Authorization header for subsequent requests to the proxy.

Your Squid software comes with a few authentication helper programs. These include (click link below to open Squid cache authentication configuration tutorial):

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 4 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
4 comments… add one
  • deepak Aug 29, 2009 @ 13:18

    I want to know about the user based authentication on squid server.Plz help me

  • mikey Oct 8, 2009 @ 8:08


    ~Mike, Malaysia

  • Anil Pandey Sep 28, 2011 @ 6:54

    I want to know about the user based authentication on squid server.Plz help me
    how to configure it plz guide me step by step

    • Amit Tyagi Mar 21, 2014 @ 11:12


      Squid Proxy Server Configuration in RHEL6
      Introduction of Squid
      Squid is a proxy server for caching and filtering web content. Squid proxy is used by various organization and internet providers to reduce bandwidth and to increase response time.
      Squid proxy service will cache the requested web-content and re-using it for the further request of the same content.

      Why Squid Proxy Server??
      •Website Restriction.
      •Authentication & Security.
      •Bandwidth Management.
      •Time-based Usage.
      Configuration Information
      •PACKAGES REQUIRED: #squid
      •DAEMON: /usr/sbin/squid
      •PORT: 3128 (squid) Default, 80
      •SERVICE: service squid restart
      Configuration Steps-
      •Power on the Server.
      •Login as a root user
      •Type the root user password. And login

      •After Login, Right Click from the mouse on Desktop & Select the “open in terminal “option. For using the command line mode.

      •Check the hostname and ip address of server it will be used in editing
      of squid.conf file.

      •Check the ftp service is running or not by using this command
      • Service (space)vsftpd(space) status (Press Enter)

      •If the service is stop, then run the command
      •service(space) vsftpd(space)restart (Press Enter)
      •Again Run The command-service(space)vsftpd(space)restart (Press Enter)

      •Squid rpm is required to configure squid web proxy server check it for install if not found install it.
      •Run the command for checking the squid rpm is installed or not.
      #rpm(space) –q(space)squid (Press Enter)

      •If the Package is not installed then follow the given below steps-
      •For removing the Package #yum(space)remove(space)squid*
      Step1: Install squid package
      #yum (space) install (space) squid* (Press Enter)

      #Press Y Button from the keyboard for Yes-(Press Enter)

      •Configure the squid proxy as Web Filter

      Block specific web site:

      •For example, we can see how to block specific web sites like this facebook, yahoo and orkut.

      Step1: Create a file and add the site names which have to be blocked.
      #vim(space) /usr/local/etc/blocksites.squid (Press Enter)
      (Press I for enter in Insert mode, for writing any text), & Insert all the websites which have to be blocked for the Network/user.

      After inserting all the websites which have to blocked.
      Press the Esc button of the keyboard, insert
      : wq! , Then press the Enter.
      For save & exit the file.

      *Note-create this file for all the users.every user having own specific file.
      * copy this blocksites.squid file for all users, like-
      #cp(space) /usr/local/etc/blocksites.squid(space)/usr/local/etc/blocksites6.squid
      #cp (space)/usr/local/etc/blocksites.squid(space)/usr/local/etc/blocksites7.squid
      #cp (space)/usr/local/etc/blocksites.squid(space)/usr/local/etc/blocksites8.squid
      #cp (space)/usr/local/etc/blocksites.squid(space)/usr/local/etc/blocksites9.squid
      #cp(space)/usr/local/etc/blocksites.squid(space) /usr/local/etc/blocksites10.squid
      As so on…………for all users……
      #for example-if we having the 50 users in the network then we have to create 50 blocksites files.

      #Go to inside the directory- cd(space)/usr/local/etc/ (Press Enter)
      #ls (Press Enter)

      Step2: Open squid configuration file and create acl (access control list) for all users.


      By default squid configuration file “/etc/squid/squid.conf” will contains recommended minimum configuration and squid caching feature will work without making any changes. Recommended minimum configuration will looks like the below-

      #Press the Down Arrow key from the keyboard to see the full file content.

      #Press the Down Arrow key from the keyboard to see the full file content.

      #Press I Button from the keyboard for Insert any text in file.
      #creates the acl (access control list) or rule for all users at the Place (Link-1) in default squid configuration file.Like-

      #creates the rules for allowing /denying websites for particular user/host at the place (Link-2) in default squid configuration file.Like-

      #Change the http_Port 3128 to http_port IP Address of server: 80 in /etc/squid/squid.conf at the place (Link-3).

      #Press the Esc Button of the keyboard. Type
      : wq!
      For save & Exit.
      #service (space) squid (space) restart (Press Enter)
      #chkconfig (space) squid (space) on (Press Enter)

      Client side Configuration

      Setup client to use squid cache proxy server
      #For Mozila Firefox-
      #First we start with Mozilla Firefox browser. Click Tools menu and choose Options….

      #In ‘Options’ window, choose Advanced tab. There are General, Network, Update and Encryption tabs. Choose Network and in the ‘Connection section’, click Settings… to configure how Firefox connects to the Internet.

      #In ‘Connection Settings’ window, click Manual proxy configuration and key in ‘HTTP Proxy’ and ‘Port’. Don’t forget to tick Use this proxy server for all protocols.

      #Click OK.

      #For Internet Explorer-
      #For Internet Explorer browser, follow the steps below to configure Squid cache proxy client:
      #Click on Internet explorer.
      #Click on “Tool” Tab. Select the “internet Options”

      #Select the Connections Tab.

      #Click on LAN Setting, when ‘Local Area Network Settings’ window pops up, enter Squid proxy server IP address and port in ‘Proxy server’ section. Click ‘OK’.

      How to Disable Proxy setting for users in Internet Explorer.
      So that any user can not change the proxy setting.
      #Click on “Start” Button

      #then click on “Run” Tab

      #Type “gpedit.msc”in Run, for open the Group Policy. Then Press “OK” Button.

      #in the “Group Policy” window select the “user configuration” Tab

      #Then Select the “Administrative Templates” Tab.

      #now select the “windows components” Tab

      #now select the “internet explorer” tab.

      #now select the “internet control panel” Tab.

      #click on “Disable the connections page”. which is “not configured”.

      #In “Disable the connections page Properties” Page select the “enable” Tab. Then Click on “Apply” & “OK”.

      #Backup & Restoration of Squid Configuration file-
      #make a folder/Directory on the desktop.
      #mkdir(space)/root/Desktop/folder name(backup) (Press Enter)

      #copy the squid.conf file at desired location.
      #cp(space)/etc/squid/squid.conf (space)/root/Desktop/squid.conf
      (Press Enter)

      #copy all the blocksites file at backup folder.
      #cp –r /usr/local/etc/(space)/root/Desktop/backup/

      #keeps the backup folder as a backup.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum