Squid Block any Domain Name Accessing the Internet

last updated February 6, 2008 in Linux, Networking, Security, Squid, UNIX

Q. How do I block any website accessing the Internet using squid proxy server?

A. You can simply use squid ACL to block access to any web site. There are 3 steps:

#1. Create a text file with blocked domain name list such as baddomain1.com, mail.yahoo.com, gmail.com and so on

#2. Define Acl

#3. Restart squid

First, create a file called /etc/squid/blocked.domains.acl
# vi /etc/squid/blocked.domains.acl
Append domain names,
gmail.com baddomain.com sex.com mail.yahoo.com
Save and close the file. Open squid.conf file:
# vi /etc/squid/squid.conf
Create acl called blockeddomain:
acl blockeddomain dstdomain "/etc/squid/blocked.domains.acl"
Deny http access, enter:
http_access deny blockeddomain
Close and save the file. Restart squid proxy server:
# /etc/init.d/squid restart

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

Your support makes a big difference:

I have a small favor to ask. More people are reading the nixCraft. Many of you block advertising which is your right, and advertising revenues are not sufficient to cover my operating costs. So you can see why I need to ask for your help. The nixCraft takes a lot of my time and hard work to produce. If everyone who reads nixCraft, who likes it, helps fund it, my future would be more secure. You can donate as little as $1 to support nixCraft:

Become a Supporter Make a contribution via Paypal/Bitcoin

7 comment

Waloyce says:
October 18, 2008 at 12:38 pm
thanks for the tutorial it helped me a lot especially on blocking port and domain
Also the tutorial are ellaborative even to new comes to linux
Keep it up
Regard
Waloyce
1. vinay says:
  April 9, 2012 at 1:09 pm
  Squid Block any Domain Name Accessing the Internet
Sputnik says:
August 25, 2009 at 3:54 am
does this resolution given works with LINUX SUSE 11.1?
I made the necessary changes but still does not work
Sputnik
Vivek says:
September 20, 2009 at 12:48 pm
explained well to understand at the first look, thank you.
Vivek says:
October 15, 2009 at 4:49 am
explained effectively ….Thank you so much…..
manan says:
February 27, 2010 at 7:33 pm
this is not working at all for me ,I have rhel5server ,still clients able to access the sites .
vooo says:
March 14, 2010 at 8:16 am
Boomer this cannot do urls or wildcard just full domain names …

Have a question? Post it on our forum!

Tagged as: acl, proxy server, Squid, squid block domain, squid block domain acl, squid block mail service, squid block sites, squid block url, squid block websites, squid cache, squid configuration, squid howto, squid linux, squid proxy, squid proxy server