Fedora 41
Sponsored Link

Squid : Configure Reverse Proxy2024/11/14

 

Configure Squid as a Reverse Proxy Server.

[1]

Get SSL Certificate to receive HTTPS access, too, refer to here.

[2] Configure Squid.
[root@dlp ~]#
vi /etc/squid/squid.conf
# line 57 : comment out
#http_access deny to_linklocal

# line 66 : add to allow all http access
http_access allow all 
# And finally deny all other access to this proxy
http_access deny all

# line 71 : specify the backend Web server
#http_port 3128
http_port 80 accel defaultsite=www.srv.world
https_port 443 accel defaultsite=www.srv.world tls-cert=/etc/letsencrypt/live/dlp.srv.world/fullchain.pem tls-key=/etc/letsencrypt/live/dlp.srv.world/privkey.pem

# line 74 : uncomment
# number means ⇒ [disk cache size] [number of directories on top level] [number of directories on 2nd level]
cache_dir ufs /var/spool/squid 100 16 256

# add to last line
cache_peer www.srv.world parent 80 0 no-query originserver 

# memory cache size
cache_mem 256 MB 

# define hostname
visible_hostname dlp.srv.world 

[root@dlp ~]#
systemctl enable --now squid

[3] If Firewalld is running, allow HTTP/HTTPS services.
[root@dlp ~]#
firewall-cmd --add-service={http,https}

success
[root@dlp ~]#
firewall-cmd --runtime-to-permanent

success
[4] Change settings of DNS or Routers in your local network if need to listen HTTP/HTTPS access on Squid, then try to access to Squid Reverse Proxy Server from a Client PC with Web browser like follows.
Matched Content