erf499
Junior Member
- Joined
- Nov 6, 2016
- Messages
- 128
- Reaction score
- 34
*** THIS IS NOT MY METHOD But I Create My Proxies With This Methode -Have Fun- ***
VPS specifications:
Installation
Update your APT repository and install the software we will need
sudo apt-get update
sudo apt-get install squid3
sudo apt-get install apache2-utils
apache2-utils is required for htpasswd which we will use as a flat file password store to secure the proxy.
Setup the password store
sudo touch /etc/squid/passwords
sudo chmod 777 /etc/squid/passwords
sudo htpasswd -c /etc/squid/passwords USERNAME
[prompt]
In the lines above, replace USERNAME with the username you want on your proxy. When the line is executed you will be prompted to enter a password for the user.
Configure the Squid Proxy
Move the default bloated squid configuration file.
sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.original
Now create a new squid configuration file
sudo vi /etc/squid/squid.conf
This is the configuration file I use however there are a lot of possible variations.
#Define allowable Networks or IPs.
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
#You can enter your home IP here if you would like to whitelist
acl home dst 192.0.0.0/8
#Port
http_port 3128
dns_v4_first on
cache deny all
forwarded_for delete
acl ip1 myip 111.222.111.222
tcp_outgoing_address 111.222.111.222 ip1
#Define allowable Ports
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 777 # multiling http
#Allow the ports and networks we want, then deny everyone else.
http_access allow manager localhost
#http_access deny manager
#http_access deny !Safe_ports
#http_access allow localhost
#http_access allow home
cache deny all
#Password authentication
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_access deny all
#Rules to anonymize http headers
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access All deny all
#Do not show client IP address
forwarded_for off
Restart the squid proxy
service squid restart
Note the service could also be called squid3. It may take a while for the proxy to restart. If you prefer, you can reload squid configurations with the command
squid -k reconfigure
Check that it is working
service squid status
Go into a web browser and try using your proxy. Here are some sites that you can test your proxies on.
VPS specifications:
- Ubuntu 16.04
- 1mb Ram
- 1 core
- 10gb storage
- 1Gbps
Installation
Update your APT repository and install the software we will need
sudo apt-get update
sudo apt-get install squid3
sudo apt-get install apache2-utils
apache2-utils is required for htpasswd which we will use as a flat file password store to secure the proxy.
Setup the password store
sudo touch /etc/squid/passwords
sudo chmod 777 /etc/squid/passwords
sudo htpasswd -c /etc/squid/passwords USERNAME
[prompt]
In the lines above, replace USERNAME with the username you want on your proxy. When the line is executed you will be prompted to enter a password for the user.
Configure the Squid Proxy
Move the default bloated squid configuration file.
sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.original
Now create a new squid configuration file
sudo vi /etc/squid/squid.conf
This is the configuration file I use however there are a lot of possible variations.
#Define allowable Networks or IPs.
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
#You can enter your home IP here if you would like to whitelist
acl home dst 192.0.0.0/8
#Port
http_port 3128
dns_v4_first on
cache deny all
forwarded_for delete
acl ip1 myip 111.222.111.222
tcp_outgoing_address 111.222.111.222 ip1
#Define allowable Ports
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 777 # multiling http
#Allow the ports and networks we want, then deny everyone else.
http_access allow manager localhost
#http_access deny manager
#http_access deny !Safe_ports
#http_access allow localhost
#http_access allow home
cache deny all
#Password authentication
auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_access deny all
#Rules to anonymize http headers
request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access All deny all
#Do not show client IP address
forwarded_for off
Restart the squid proxy
service squid restart
Note the service could also be called squid3. It may take a while for the proxy to restart. If you prefer, you can reload squid configurations with the command
squid -k reconfigure
Check that it is working
service squid status
Go into a web browser and try using your proxy. Here are some sites that you can test your proxies on.