Configuring SquidGuard, Enabling Content Rules and Analyzing Squid Logs – Part 6

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Gabriel Cánepa

Gabriel Cánepa is a GNU/Linux sysadmin and web developer from Villa Mercedes, San Luis, Argentina. He works for a worldwide leading consumer product company and takes great pleasure in using FOSS tools to increase productivity in all areas of his daily work.

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

15 Responses

  1. Ivan Lim says:

    Brother Gabriel, how to block https websites in squid / squidGuard in Ubuntu 16.04? I can only block http websites in squidGuard. Thank you.

  2. Michael Heyns says:

    It is worth mentioning:

    squidGuard is not in the CentOS 7 repositories. A repository called the EPEL needs to be added first.

    Also, on CentOS 7, squidGuard db is located at /var/squidGuard NOT /var/lib/squidguard. (note the capital G)

    Following the tutorial results in a segmentation fault when reaching the db creation command. /etc/squid/squidGuard.conf needs to be correctly setup first.

    As always, thank you Tecmint team for all your hard work in providing us these guides. You are doing the industry a great service!

    • @Michael,
      Thank you for pointing that out. The thing is, this tutorial (actually, the LFCS and LFCE series) was written with CentOS 6 in mind as that was the version of the distribution that was available to take the exam at the time. However, beginning on Feb. 2016, CentOS will no longer be available to take either exam so before that deadline we will review the topics of these series to make sure they match the required domains and competencies.

  3. Prasad says:

    how to set per user bandwidth limit. It may be hourly, daily, weekly or monthly.


  4. Rajesh says:

    Hi Gabriel,

    I am also facing the same issue. Despite putting the required database in place, the proxy sites starting with https are getting opened.

    Also I want to give selected access to my clients – they should be able to open secured sites like search engine like google, mails like yahoo and gmail but not facebook or proxy server sites.

    Can you please explain in detail how to accomplish the same ?

    Thanking in Advance

  5. We specialize in serving intelligent network administrators high quality blacklists for effective, targeted inline web filtering leveraging Squid proxy. We are the worlds leading and ONLY publisher of blacklists tailored specifically for use with Squid Proxy Native ACL. We also publish the worlds LARGEST adult domain blacklist, as well, as the worlds first blasphemy blacklist. Our works are available in several alternative formats for compatibility with multiple other web filter platforms. There is a demand for a better blacklist. And with few alternatives available, we intend to fill that gap. Est. 2012. Owned and maintained by Benjamin E. Nichols & Co. It is an extension of the work I have been doing for years applying filters to my own networks with squid proxy and firewalls. is platform whereby I hope to share the amalgamation of these works with the community, in the hopes that it will serve the greater good, helping to secure networks while providing a useful resource for individuals looking for a reasonable level of control of http traffic on their respective networks using a range of filtering solutions.

    It would be our pleasure to serve you,


    Benjamin E. Nichols

  6. Congratulations one more time! ;)

    Gabriel, if you allow me, I would like to add the option “-d” on squidGuard command when it is use to create .db urls/domains files.

    Thereby —>> squidGuard -d -C all

    Because -d allow we see stdout errors. And it’s easier to debug mistakes on configuration process.

    Best regards

    • Another point is to run these commands after Removing Restrictions part.

      After we remove the configure on /etc/squidguard/squidguarad we need to run:

      squidGuard -d -C all
      squid -k reconfigure

      And it is good clean web browser cache, too.
      In my experience work this way.

  7. Martim says:

    Hi Gabriel,

    First I’d like to thank you fou the great tutorials. You also helped a lot in Summarizing the LFCS contents. I’m studding for LFCE and I jus what to be sure that SquidGuard is part of the requirements has I can’s find it in the Overview of Domains and Competencies at the Linux Foundation website. Thans a lot.

  8. Shahid says:

    I have already checked with squid it by pass HTTPs traffic, then I blocked HTTPs traffic with iptables. please let me know if It is possible with squid.

  9. @Shahid,
    Make sure you follow the steps outlined in this article and you should be able to block https traffic as well. You may not be shown the Squid access denied page, but the proxy will refuse to serve the content. If not, please get back to me using this same comment form and we’ll work it out together.

  10. Shahid says:

    Hi Gabriel,

    How we can block HTTPs traffic i-e facebook,youtube etc with squid.

    Muhammad Shahid

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.