Squid is a full-featured caching proxy server that supports HTTP, HTTPS, and FTP. It is most commonly used to cache repeated web requests to speed up browsing, filter traffic based on IP or user credentials, and route connections through a specific server. Some teams also use it to bypass geo-restrictions or monitor network activity.
This guide walks you through installing Squid on Ubuntu 18.04, configuring access control and basic authentication, opening the firewall port, and pointing your browser at the proxy.
<strong>Prerequisite:</strong> You need sudo access.
Squid is available in Ubuntu’s default repositories. Install it with:
bashsudo apt updatesudo apt install squid
The Squid service starts automatically. Verify it is running:
bashsudo systemctl status squid
Look for Active: active (running) in the output.
Squid’s configuration lives in /etc/squid/squid.conf. Before making any changes, back up the original file:
bashsudo cp /etc/squid/squid.conf{,.original} Open the file for editing:
bashsudo nano /etc/squid/squid.conf
By default, Squid listens on port 3128 on all network interfaces. To bind to a specific IP or change the port, find the http_port line and update it:
http_port IP_ADDR:PORT
Restrict access by IP address
By default, Squid only allows connections from localhost. To allow specific clients, create a dedicated file containing their IP addresses:
# /etc/squid/allowed_ips.txt192.168.33.1
Then add the following lines to squid.conf, before the http_access deny all rule:
acl allowed_ips src "/etc/squid/allowed_ips.txt"http_access allow localhosthttp_access allow allowed_ipshttp_access deny all
The order of http_access rules matters. Squid reads them top to bottom and stops at the first match — similar to how firewall rules work. Always keep http_access deny all at the bottom.
Apply the changes by restarting Squid:
bashsudo systemctl restart squid
Squid supports HTTP basic authentication using a password file. Create a user with openssl and write the credentials to the htpasswd file:
bashprintf "josh:$(openssl passwd -crypt 'Sz$Zdg69')\n" | sudo tee -a /etc/squid/htpasswd
Add the following lines to squid.conf to enable authentication:
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/htpasswdauth_param basic realm proxyacl authenticated proxy_auth REQUIREDhttp_access allow authenticated
If you want all clients to log in rather than be allowed by IP, replace the http_access allow allowed_ips rule with http_access allow authenticated. Restart Squid after saving.
If UFW is active on your server, allow Squid traffic with:
bashsudo ufw allow 'Squid'
This opens port 3128 on both IPv4 and IPv6.
Firefox: Go to Preferences > Network Settings > Settings. Select Manual proxy configuration, enter your Squid server IP in the HTTP Host field and 3128 in the Port field. Check Use this proxy server for all protocols and click OK.
To verify the proxy is working, open google.com and search “what is my ip” — you should see your Squid server’s IP address instead of your own.
Google Chrome: Chrome uses system proxy settings by default. For a quick test on Linux, start Chrome from the terminal with a dedicated proxy profile:
bash/usr/bin/google-chrome \ --user-data-dir="$HOME/proxy-profile" \ --proxy-server="http://SQUID_IP:3128"
For a persistent setup, use the SwitchyOmega extension to manage proxy configurations directly inside Chrome.
Squid is now installed and configured on your Ubuntu 18.04 server. Whether you use it for caching, traffic filtering, or client access control, the ACL and authentication setup above gives you a solid foundation. Leave a comment below if you run into any issues during setup.
Chromium is a fast, lightweight, open-source web browser developed primarily by Google. It serves as the…
MySQL Workbench is a cross-platform graphical tool for MySQL database administration. It brings together everything a…
NFS (Network File System) is a distributed file sharing protocol that lets you mount remote directories…
VirtualBox is an open-source, cross-platform virtualization application that lets you run multiple operating systems simultaneously on…
SSH (Secure Shell) is a cryptographic network protocol that creates a secure, encrypted connection between your…
Node.js is an open-source, cross-platform JavaScript runtime that lets you run JavaScript on the server side,…