Squid is a proxy for the web that provides extensive access control lists, reduces bandwidth consumption and improves response times by caching and reusing frequently requested web pages. It runs on most available operating systems, including Linux and Windows. It is licensed under the GNU GPL. Keep reading to learn how to configure Squid3.
Malware Patrol provides block lists compatible with Squid3 Web Proxy. You can follow these simple steps to configure your Squid instance and protect internal networks, computers and users from getting infected by malware.
Step-by-Step Instructions
1) Make sure your Squid3 instance is installed and working properly. There are several resources on the Internet that can help you configure Squid3 in your platform. If you are experiencing trouble installing and configuring Squid3, start at: http://www.squid-cache.org/.
2) On the server running Squid3, create a file called /etc/squid3/malware_patrol_update.sh. For example: vi /etc/squid3/malware_patrol_update.sh
3) Log into your account with Malware Patrol and look for Squid Web Proxy ACL. Right click on download and select Copy link location, you will need this URL on the next step.
4) Paste the following command into the newly created file, substituting _URL_YOU_JUST_COPIED_ by the URL you have copied on the previous step: wget “no-check-certificate -O /etc/squid3/malware_patrol_blocklist ‘_URL_YOU_JUST_COPIED_’
5) It is very important to make sure that the URL you have copied from your account with Malware Patrol is enclosed in single quotes. For example: wget “no-check-certificate -O /etc/squid3/malware_patrol_blocklist ‘https://lists.malwarepatrol.net/cgi/getfile?receipt=01234567890&product=13&list=squid’
6) Add the following line to the file and save it: /usr/sbin/squid3 -k reconfigure
7) Add execute permissions to the recently created file, executing this command: chmod +755 /etc/squid3/malware_patrol_update.sh
8) Next, we need to configure Squid3 to use the blocklist. Edit the file /etc/squid3/squid.conf. For example: vi /etc/squid3/squid.conf
9) Add the following lines to the file, at the appropriate sections:
acl malware url_regex -i /etc/squid3/malware_patrol_blocklist
http_access deny malware
deny_info http://www.malwarepatrol.net/denied.shtml malware
10) Execute the recently created file that will download the latest blocklist and restart Squid: /bin/sh /etc/squid3/malware_patrol_update.sh
11) Notice that Squid3 will take longer than usual to start because it needs to read thousands of entries that will protect you from malware infections.
12) You should now configure a cronjob to automatically update the Malware Patrol blocklist. The following command should be executed every hour: /bin/sh /etc/squid3/malware_patrol_update.sh. Please choose minutes not close to 00, 01 and 59.
If you experience any difficulties configuring Squid3 Web Proxy to use Malware Patrol blocklists, please make sure it is working properly and contact our tech support at support (@) malwarepatrol.net. Other configuration guides are available on our Tech Support page.