In our earlier tutorials regarding Squid proxy server, we have learned to install & configure squid proxy, setup ACLs ( Squid proxy installation & configuration, also discussed about squid with authentication & also configured SARG for analyzing squid logs.

Now in this tutorial, we will learn some Squid tips & tricks or rather some advanced options that can be configured with squid proxy server to make it more useful.

(Recommended Read: Some pretty useful YUM tips & tricks )

 

====================================================================================

Squid Tips & tricks

=====================================================================================

Setting up squid with a customized port

Default port number for Squid proxy server is 3128 but we can change it any other port as per our requirement. For example, if we want to change the default port from 3128 to 8080, we can do so by making any entry for same in squid configuration file i.e. '/etc/squid/squid.conf'

Open squid.conf,

$ sudo vim /etc/squid/squid.conf

& search for 'http_port 3128' & change it to

http_port 8080

Save file & exit. Than restart the squid service to implement the changes.

$ sudo systemctl restart squid

We can also use

$ sudo squid -k reconfigure

to implement changes, without restarting the squid service.

 

Limit download size of the files

We can also impose a download limit based on file size for squid proxy users. We need to provide 'reply_max_body_size' directive in squid.conf file to impose a file size limit.

Open squid.conf

$ sudo vim /etc/squid/squid.conf

& make the following entry in the bottom of the file

reply_body_max_size 5120 KB all

This will impose a limit of max 5Mb download for a single file for all the squid users. We can also impose limit based on user,

reply_body_max_size 5120 KB user1 user2

or based on group,

reply_body_max_size 5120 KB user1 group2

After making changes to file save it & restart or reconfigure squid to implement the changes.

 

Limit upload size of the files

To impose limit of size of file that can be uploaded, we use “request_body_max_size”. Make the following entry in squid.conf to impose limit on file uploads,

$ sudo vim /etc/squid/squid.conf

request_body_max_size 100kb

Save file & restart/reconfigure the squid server to implement changes. We can also impose upload limits based on users & groups, same as we imposed limits on file download.

 

Allow Squid proxy to cache all requests

To cache all the requests that are made in squid server, add the following directive in squid.conf file,

$ vim /etc/squid/squid.conf

cache allow all

Save file & reconfigure the squid server to implement the changes.

 

Disable caching of some websites

To disable cache only on some website, we will first create an ACL with websites & than disable the caching for that ACL. Make the following entries on squid.conf file,

$ vim /etc/squid/squid.conf

acl NOcache_websites dstdomain www.linuxtechlab.com www.msn.com

no_cache deny Nocache_websites

Save file & restart/reconfigure the squid server to implement changes.

 

Deny cache requests for some file extensions

To disable caching of files with certain extension, add the following lines in squid.conf file.

$ sudo vim /etc/squid/squid.conf

hierarchy_stoplsit .mp3 ?

hierarchy_stoplist .xls ?

acl ext1 urlpath_regex \.mp3 \?

acl ext2 urlpath_regex \.xls \?

no_cache deny ext1

no_cache deny ext2

Here, we have blocked caching for MP3 & XLS files. Save file & restart/reconfigure the squid server to implement changes.

Note:- To remove existing cached file, execute following command from terminal,

$ sudo rm -rf /var/spool/squid/*

 

Deny all cache requests

To deny all cache requests made to squid server, add the following directive in squid.conf file

$ vim /etc/squid/squid.conf

cache deny all

Save file & reconfigure the squid server to implement the changes.

These were some useful squid tips & tricks that you can use to make Squid proxy more useful. Please do let us know if you have any queries or suggestions.

If you think we have helped you or just want to support us, please consider these :-

Connect to us: Facebook | Twitter | Google Plus

Donate us some of you hard earned money: [paypal-donation]

Linux TechLab is thankful for your continued support.