restrict Web Access by Time Using Squid Proxy Server 1

How to Restrict Web Access by Time Using Squid Proxy Server

In this article, we will discuss how to restrict web access by time using Squid proxy server, so keep reading to find out more.

Squid software is one of the most widely used proxy servers that can be used for regular network traffic. Using Squid, you can define rules to allow network traffic based on specific criteria, along with caching contents for faster access, and blocking websites. It is used by internet service providers (ISPs) to improve their internet speed.  

This article will specifically discuss how we can restrict web access based on time. There may be several reasons, like when you’re restricting children’s computer usage or if you’re running an internet café and you want to limit user access for a specific time. 

We will start with a brief discussion of the Squid proxy server, its installation, and then the steps to restrict access based on time.

What is a Squid proxy server?

It is a proxy application that resides between the client and the internet. All web requests pass through this proxy server. With Squid, the proxy server can filter, cache, and block requests based on specific rules. It can also monitor network traffic and access regions of the network. Additionally:

  • It can provide access control to restrict the type of content viewed over the network.
  • It allows you to do anonymous surfing of websites.
  • It scans the outbound content.
  • It can be used to speed up internet browsing.
  • It can be used to share or restrict internet connection to specific users.

How to Install Squid proxy server

We will now discuss the installation instructions for the Squid proxy server. Follow the following steps for installation.


Squid is available in Ubuntu’s repository. So, it can be easily installed by typing this command on your Terminal:

$apt-get install squid -y

Enabling Squid to start on system boot

After some time, the installation will be completed. By then, you can enable Squid to start as a service on system boot using this command:

$systemctl start squid
$systemctl enable squid

Verify the status of Squid

Now to verify Squid’s status, input the following command:

$systemctl status squid

Once verified, you should see the details of Squid’s proxy server. Now, check the version of Squid via this command:

$squid -v

You should then see an output similar to the one shown below:

Squid Cache: Version 4.10

Service Name: squid

Ubuntu linux

Now, verify the port of Squid using this command:

$ss -antpl | grep squid

Squid’s proxy server should now run on port 3128.

Configure user-based authentication for Squid

This section will discuss the steps for the user-based authentication of Squid. This will enable Squid to accept the connection and serve as hypertext transfer protocol (HTTP) proxy. 

Install apache2-utils

As the first step, install the apache2-utils package using the following command:

$apt-get install apache2-utils -y

Create users

To let the Squid store the user ID and password, create a file using the touch command as follows:

$touch /etc/squid/htpasswd

Now, create a user for Squid with this:

$htpasswd /etc/squid/htpasswd khan1

Set the password for the new user khan1 as shown below:

New password:

Re-type new password:

Adding password for user khan1

Now, create one more user, khan2, like this:

$htpasswd /etc/squid/htpasswd khan2

Set the password for the user. You can then verify the password for both users (i.e., khan1 and khan2) as follows:

$cat /etc/squid/htpasswd

Edit the configuration file to define user authentication

Now, open the configuration file to determine the user authentication. Using your favorite editor, open the file as follows:

$nano /etc/squid/squid.conf

Now, add the following lines to the file at the beginning:

auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/htpasswd
acl ncsa_users proxy_auth REQUIRED
http_access allow ncsa_users

Save and close the file. 

Restart Squid’s proxy server

Restart the Squid proxy server as follows:

$systemctl restart squid

Restrict websites domain using Squid proxy

We will now discuss how we can block specific websites using Squid proxy. Open the squid.conf file using your favorite editor as follows:

$nano /etc/squid/squid.conf

Add the following lines to the file:

acl block dstdomain ""
http_access deny block

Save and close the file. 

After that, create the website_block.txt file using the touch command as follows:

nano /etc/squid/website_block.txt

Now, open the file and add the domains you want to block. Save and close the file. 

Restart the Squid proxy server using the following command:

systemctl restart squid

How to Restrict Web Access by Time Using Squid Proxy Server

Now, we will discuss how we can restrict website access based on time. Open the squid.conf file in your favorite editor. Now create an access control list (ACL). Add the following lines at the bottom of the conf file:

acl home_network src
acl kids_hours time M T W H F 15:00-19:00

Here, we have defined the source of the connection first, i.e., home network, and then the time allowed (for instance, by kids) to access the websites from 3 pm – 7 pm.

Now, add the following lines to the conf file:

http_access allow home_network kids_hours

You can even allow access for more time during the weekend by creating an ACL for weekend hours. To further customize, you can completely restrict the entry for a specific machine by adding the following lines in the conf file:

acl RestrictedHost src
http_access deny RestrictedHost

Now restart the Squid proxy server via the following command:

/etc/rc.d/init.d/squid restart

This article discusses the Squid proxy server, its installation, and steps for restricting access based on web domains or time. There are other advanced features in the Squid proxy server, such as limiting access based on web content. For more details, the reader can consult the manual for Squid.

If this guide helped you, please share it.

Leave a Reply
Related Posts