SQUIDTIPS AND TRICKS
Squid is a most popular web cache proxyused in Linux Servers. Here are some of the tips and tricks which you cando with access control in Squid via Webmin. I assume that you know Webminoperations and basic squid operations.
Note: Use the information below at your own risk.
Deny downloading of Specific File types
1. Get into Squid Control Panel via Webmin under Servers section..
2. Open Access Control page.
3. Create new ACL, select URL Path Regexp from the drop down menu.
4. Create a ACL name as your wish,here I have given as DenyFileTypes
Select Ignore case and enterthe extension of files like .mp3$ .exe$ in the Regular Expressionssection for denying mp3 and exe downloads.
5. In case you want to have customized error message when someone tries todownload denied files then create a new file
using vi editor or with your favourite editor in /etc/squid/errors/as DENYFILE. File name and content of the error message
is your wish.
File coding should be a webpagetype as shown below
Now enter the name of the fileDENYFILE in the Failure URL section and Save the access control.
6. Now the job is finished and all you have to do now is to add it in proxyrestrictions using Add proxy restriction link with Deny optionand move it on top of all restrictions. You can use up and down arrows init to achieve this.
Deny attaching files through web emails like Hotmail, Yahoo,Rediff etc
1. Get into Squid Control Panel via Webmin under Servers section.
2. Open Access Control page.
3. Create new ACL, select URL Regexp from the drop down menu.
4. Create a ACL name as your wish, here I have given as Block_Attachments.SelectIgnore case and enter the keywords attach upload attachmentOutblaze.mailin the Regular Expressions section for denying attaching files inwebmail.
5. In case you want to have customized error message when someone tries toattach files then create a new file
using vi editor or with your favourite editor in /etc/squid/errors/as DENYATTACH. File name and content of the error message
is your wish. File coding should be a webpage type. Now enter the name ofthe file DENYATTACH in the Failure URL section and Save theaccess control.
6. Now the job is finished and all you have to do now is to add it in proxy restrictions using Add proxy restriction link with Deny optionand move it on top of all restrictions according to your need. You can useup and down arrows in it to achieve this.
Deny Sites
1. Get into Squid Control Panel via Webmin under Servers section.
2. Open Access Control page.
3. Create new ACL, select Web Server Regexp from the drop down menu.
4. Create a ACL name as your wish, here I have given as Block_Sites.SelectIgnore case and enter the keywords gambling.com casino.com chat.yahoo.cometcas your wish in the Regular Expressions section for denying the sites.
5. In case you want to have customized error message when someone triesto attach files then create a new file
using vi editor or with your favourite editor in /etc/squid/errors/as DENYSITE. File name and content of the error message
is your wish. File coding should be a webpage type. Now enter the nameof the file DENYSITE in the Failure URL section and Save theaccess control.
6. Now the job is finished and all you have to do now is to add it in proxy restrictions using Add proxy restriction link with Deny optionand move it on top of all restrictions according to your need. You can useup and down arrows in it to achieve this.
Deny Sites based on contents in the URL
1. Get into Squid Control Panel via Webmin under Servers section.
2. Open Access Control page.
3. Create new ACL, select URL Regexp from the drop down menu.
4. Create a ACL name as your wish, here I have given as Block_Contents.SelectIgnore case and enter the keywords sex movie film mp3 video webcamcric score cinema etc as your wish in the Regular Expressionssection for denying the sites which contains specified contents in the URL.
5. In case you want to have customized error message when someone triesto attach files then create a new file
using vi editor or with your favourite editor in /etc/squid/errors/as DENYCONTENT. File name and content of the error message
is your wish. File coding should be a webpage type. Now enter the nameof the file DENYCONTENT in the Failure URL section and Savethe access control.
6. Now the job is finished and all you have to do now is to add it in proxy restrictions using Add proxy restriction link with Deny optionand move it on top of all restrictions according to your need. You can useup and down arrows in it to achieve this.
To set the cache administrator email address as you want
1. Get into Squid Control Panel via Webmin under Servers section.
2. Open Administrative Options and enter the email address youwant in Cache manager email address section.
To change the default port 3158 to some other port
1. Get into Squid Control Panel via Webmin under Servers section.
2. Open Ports and Networking and enter the port you want under"Proxy addresses and ports" and "SSL addresses and ports" sections.Don't forget to select the option "Listed Below." before saving.
