Hello everyone, I'm trying to install Squid on my server for my personal use, that means, only I will use the proxy. After reading some tutorials I came up with this configuration:
http_port *myip*:9876 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY authenticate_program /usr/lib/squid/ncsa_auth /etc/squid/passwd acl users proxy_auth "/etc/squid/passwd" acl password proxy_auth REQUIRED acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 563 # https, snews acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny users http_access allow all proxy_auth_realm Squid proxy-caching web server Do you think that's enough and secure? I wish no-one can access it except me, with my login and password. Thank you very much. Regards, Francisco
