<

Squid - How to  make squid proxy prevent malwares

Published on
8,148 Points
5,148 Views
Last Modified:
In this tutorial I will explain how to make squid prevent malwares in five easy steps:

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages. Squid has extensive access controls and makes a great server accelerator.

Step 1:
Create a file called malware_block_list.txt and save in /etc/squid

Step 2:
Create a new access list (ACL) in your squid.conf
 
# File which contains the list 
acl malware_block_list url_regex-i "/etc/squid/malware_block_list.txt" 
# Access Denied 
http_access deny malware_block_list 
# Redirect message - (You can make your own) 
deny_info http://malware.hiperlinks.com.br/denied.shtml malware_block_list

Open in new window


Step 3:
Execute in shell.
 
wget -O - http://malware.hiperlinks.com.br/cgi/submit?action=list_squid > /etc/squid/malware_block_list.txt

Open in new window



Step 4:
Put in Scheduled Tasks (Crontab).
**In my case the file from the list of malware is updated at 00 hours and 06 hours.
 
* 00,06 * * * wget -O - http://malware.hiperlinks.com.br/cgi/submit?action=list_squid > /etc/squid/malware_block_list.txt

Open in new window


Step 5:
Reload squid configuration.
 
service squid reload

Open in new window


Every time that scheduled task is executed, the file is updated.
 
Open /etc/squid/malware_block_list.txt and see if you can see the list of urls, take one and put in your browser to see if the the error message appears.
error messageRegards

André Bolinhas
0
Comment
Author:abolinhas
3 Comments
 
 

Administrative Comment

by:WaterStreet
I'm one of EE's Page Editors assigned to these zones.

I'm changing this Article's status to Author Review so that you can edit it, as discussed below.  When you have responded to the issues below, change the status to Editor Review to alert me.  I'm telling every author that I consider unpublished Articles as subject to deletion, if at any time 30 days shall elapse without requested feedback from the author.

1.  After your first sentence tell what squid is in a short sentence.

2.  Define technical terms/jargon and abbreviations for a more general audience

3.  Your image cannot be read.  Try a narrower width screen capture, no more than 600 to 750 pixels wide.


Here are Article Publishing Criteria that will be used here.

Qualifiers
Reasonable applicability to designated zone(s)
English language and reasonable paragraph structure
Reasonable use of grammar and words
Reasonable organization and flow of the overall presentation through to its conclusions
Basic clarity of presentation, ideas and conclusions
Define technical terms/jargon and abbreviations for a more general audience
Embedded images are to be readable, as needed

Disqualifiers
Excessive use of undefined technical terms/jargon and abbreviations
Content is materially misstated or factually wrong, or  the conclusions are logically incorrect or misleading
"IM talk"
Conflicting statements/ideas
Unjustified, off-topic content

Standard Deletion Criteria
Explicit defamatory or malicious content
Libelous content or statements that violate third party rights
Content that outlines illegal, unethical activities
Spamming, flaming, soliciting, promoting, advertising for commercial purpose
Plagiarism, posting copyrighted content
Clear misuse of the EE points system
Content that has considerable errors, information that is intentionally false or misleading


Here are EE's guidelines and additional help resources for Articles

    * Make sure your content is unique, tech related
    * Articles should be no less than 300 words
    * Use short, descriptive titles
    * Be simple, clear, and detailed
    * Use formatting tips for readability
    * Test code snippets before publishing
    * Attach necessary files, screenshots
    * Reference all source material
    * Spell-check, edit content for errors


Here are more resources available to you or you can ask an Article question in this Article or at
http://www.experts-exchange.com/Community_Support/Article_Tips/askQuestion.jsp

See Guidelines and Help Topics for Writing Articles at:
http://www.experts-exchange.com/articlesGuidelines.jsp

See the Article Tips page, where you'll find tips and guidelines to improve your article writing.
http://www.experts-exchange.com/articleTips.jsp
0
 
LVL 9

Author Comment

by:abolinhas
Hi WaterStreet,

Thanks for warning me of the errors of my article, this was my first article that I wrote in my whole life:)

I changed my article, I ask you to verify that it is within the guidelines set by you.

If not, please let me know so I can re-edit it.

Thanks for your help

Regards

André Bolinhas




0
 
LVL 5

Expert Comment

by:lapukman
Great post! But there's a typo in the config, you forgot a space in "url_regex-i" ACL type. It should look like:

acl malware_block_list url_regex -i "/etc/squid/malware_block_list.txt"
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Join & Write a Comment

This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Other articles by this author

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month