Squid - How to  make squid proxy prevent malwares

Published:
Updated:
In this tutorial I will explain how to make squid prevent malwares in five easy steps:

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.

Step 1:
Create a file called malware_block_list.txt and save in /etc/squid

Step 2:
Create a new access list (ACL) in your squid.conf
 
# File which contains the list 
acl malware_block_list url_regex-i "/etc/squid/malware_block_list.txt" 
# Access Denied 
http_access deny malware_block_list 
# Redirect message - (You can make your own) 
deny_info http://malware.hiperlinks.com.br/denied.shtml malware_block_list

Open in new window


Step 3:
Execute in shell.
 
wget -O - http://malware.hiperlinks.com.br/cgi/submit?action=list_squid > /etc/squid/malware_block_list.txt

Open in new window



Step 4:
Put in Scheduled Tasks (Crontab).
**In my case the file from the list of malware is updated at 00 hours and 06 hours.
 
* 00,06 * * * wget -O - http://malware.hiperlinks.com.br/cgi/submit?action=list_squid > /etc/squid/malware_block_list.txt

Open in new window


Step 5:
Reload squid configuration.
 
service squid reload

Open in new window


Every time that scheduled task is executed, the file is updated.
 
Open /etc/squid/malware_block_list.txt and see if you can see the list of urls, take one and put in your browser to see if the the error message appears.
error messageRegards

André Bolinhas
0
5,639 Views

Comments (2)

Author

Commented:
Hi WaterStreet,

Thanks for warning me of the errors of my article, this was my first article that I wrote in my whole life:)

I changed my article, I ask you to verify that it is within the guidelines set by you.

If not, please let me know so I can re-edit it.

Thanks for your help

Regards

André Bolinhas




Commented:
Great post! But there's a typo in the config, you forgot a space in "url_regex-i" ACL type. It should look like:

acl malware_block_list url_regex -i "/etc/squid/malware_block_list.txt"

Have a question about something in this article? You can receive help directly from the article author. Sign up for a free trial to get started.

Get access with a 7-day free trial.
You Belong in the World's Smartest IT Community