Tutorial Lengkap Install Squid Proxy di VPS

Bang topik Maret 04, 2021
[Kincaimedia.net]
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuY1ho7KmNSvl2QFJiC5hLu1x8-marEePlkZ2ySbGtSls03w5zOOXYaaW_B2WhogxHqwekPDmILPM1vIdYOf5B3Atfzh5_Qs1Ui4INxY2uvBu_iE1J9xNsiT35O6Li5b0-QSq0kfDBr80/s1600/squid1.png


Tutorial Lengkap Install Squid Proxy di VPS 

Sekarang sudah banyak bugs inject bermunculan, salah satunya dengan metode filter proxy server dengan memanfaatkan vitur squid vps kita, jadi kita harus menginstall squid proxy pada vps kita, untuk lebih jelasnya silahkan ikuti tutorial berikut,
Dalam hal ini admin menggunakan OS Centos servers, Berikut tutorial nya :
1. install dulu squidnya

yum install squid -y
2. hapus file squid.conf pada /etc/squid/squid.conf

rm -rf /etc/squid/squid.conf
3. kemudian kita buat file configurasinya

touch /etc/squid/squid.conf
4. edit file confignya

nano /etc/squid/squid.conf
untuk versi 2.6xx dan 2.7xx

dns_nameservers 8.8.8.8 8.8.4.4 4.2.2.1 4.2.2.6 198.6.1.3 204.117.214.10 207.172.11.73
cache_mgr not_to_be_disturbed
client_db on
detect_broken_pconn on
dns_defnames on
dns_retransmit_interval 2 seconds
dns_timeout 5 minutes
half_closed_clients off
httpd_suppress_version_string on
ignore_unknown_nameservers on
pipeline_prefetch on
prefer_direct on
query_icmp on
range_offset_limit -1
retry_on_error on
server_persistent_connections on
strip_query_terms off
uri_whitespace strip
## untuk password untuk versi 32bit, lokasi file ganti seperti di bawah ini :
## /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour# ACCESS CONTROLS
######################
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8

acl SSL_ports port 21 22 25 53 109 143 443 554 563 993 21976
acl Safe_ports port 53 80 136 137 182
acl Safe_ports port 22 25 70 210 280
acl Safe_ports port 143 443 554 563 993
acl Safe_ports port 67-68
acl Safe_ports port 1025-65535
acl Safe_ports port 8000-8090
acl Safe_ports port 123 465 488 587 591 777 6667
acl Safe_ports port 9000-9091
acl Safe_ports port 110 119 995 2030 2401 3306 3690 6881 8443 8843
acl ncsa_users proxy_auth REQUIRED
acl CONNECT method CONNECT#
#Recommended minimum configuration:
######################
## Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager##
http_access allow localhost
http_access allow ncsa_users
http_access deny to_localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
## disable multicast icp
miss_access allow all
ident_lookup_access deny all# NETWORK OPTIONS
## open-port ###########
http_port 143
[size=4]######################[/size]
cache_mem 16 MB
cache_dir ufs /var/spool/squid/cache0 1000 16 256
cache_dir ufs /var/spool/squid/cache1 1000 16 256
cache_dir ufs /var/spool/squid/cache2 1000 16 256
cache_dir ufs /var/spool/squid/cache3 1000 16 256
# Leave coredumps in the first cache dir
access_log /var/log/squid/access.log
cache_log  /var/log/squid/cache.log
cache_access_log none
cache_store_log none#
hierarchy_stoplist cgi-bin ?
acl apache rep_header Server ^Apache
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

visible_hostname powers.by.djohn6000@bugs4u.info
untuk versi 3.xx

ns_nameservers 8.8.8.8 8.8.4.4 4.2.2.1 4.2.2.6 198.6.1.3 204.117.214.10 207.172.11.73
dns_defnames on
dns_retransmit_interval 2 seconds
dns_timeout 5 minutes
balance_on_multiple_ip on
cache_mgr not_to_be_disturbed
client_db on
detect_broken_pconn on
half_closed_clients off
httpd_suppress_version_string on
ignore_unknown_nameservers on
pipeline_prefetch on
prefer_direct on
query_icmp on
range_offset_limit -1
retry_on_error on
server_persistent_connections on
strip_query_terms off
uri_whitespace strip
## untuk password untuk versi 32bit, lokasi file ganti seperti di bawah ini :
## /usr/lib/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour# ACCESS CONTROLS
######################
#Recommended minimum configuration:
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
# local networks.
acl localnet src 10.0.0.0/8 # RFC1918 possible internal network
acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
acl localnet src 192.168.0.0/16 # RFC1918 possible internal network

acl SSL_ports port 21 22 25 53 109 143 443 554 563 993 21976
acl Safe_ports port 53 80 136 137 182
acl Safe_ports port 22 25 70 210 280
acl Safe_ports port 143 443 554 563 993
acl Safe_ports port 1025-65535
acl Safe_ports port 8000-8090
acl Safe_ports port 67-68
acl Safe_ports port 123 465 488 587 591 777 6667
acl Safe_ports port 9000-9091
acl Safe_ports port 110 119 995 2030 2401 3306 3690 6881 8443 8843
acl ncsa_users proxy_auth REQUIRED
acl CONNECT method CONNECT#
#Recommended minimum configuration:
######################
## Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager##
http_access allow localhost
http_access allow ncsa_users
http_access deny to_localhost
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports##
## disable multicast icp
miss_access allow all
ident_lookup_access deny all
# NETWORK OPTIONS
######################
http_port 143
# Leave coredumps in the first cache dir
access_log /var/log/squid/access.log
cache_log /var/log/squid/cache.log
cache_access_log none
cache_store_log none#
hierarchy_stoplist cgi-bin ?
acl apache rep_header Server ^Apache

ipcache_size 8192
ipcache_low 90
ipcache_high 95
#cache_dir null /tmp
cache_mem 16 MB
cache_dir ufs /var/spool/squid/cache0 1000 16 256
cache_dir ufs /var/spool/squid/cache1 1000 16 256
cache_dir ufs /var/spool/squid/cache2 1000 16 256
cache_dir ufs /var/spool/squid/cache3 1000 16 256
deny_info ::0 all
# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

visible_hostname powers.by.djohn6000@bugs4u.info


5. sekarang kita set config dengan user dan passwordnya

 bikin file :
touch /etc/squid/squid_passwd
# rubah permission filenya, biar ndak ada err msg permission denied
chown root.root /etc/squid/squid_passwd
# isikan user name dan passwd ke file
htpasswd -b /etc/squid/squid_passwd [user_1] [passwd_1]
6. sekarang set dan buat file cache nya

d /var/spool
chmod 775 squid
chmod g+w squid
squid -z
7. Jalankan squid yang baru saja Anda buat

quid -d 1 -D
jika ingin menghentikan squid silahkan tekan

ctrl+c
8. command shell tambahan untuk proses squid

chkconfig --add squid
chkconfig squid on

service squid start
service squid stop
service squid restart
service squid status
9. untuk set squid tanpa password

auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hour
dan
acl ncsa_users proxy_auth REQUIRED
Terimakasih, Tutorial Install Squid Proxy di VPS





Tidak ada komentar :

Posting Komentar

Leave A Comment...

© Cara Menghilangkan m=1 di URL Blogger Terbaru | Ulasanesia Artikel ini telah terbit di ulasanesia, cantumkan URL di bawah ini agar terhindar dari pelanggaran hak cipta https://www.ulasanesia.com/2024/01/cara-menghilangkan-m1-di-url-blogger.html