I've just created a Squid based proxy server, which is functioning just great with a default configuration. However I don't want it to be accessible by everyone. I want to set up username/password access on Squid. I've been informed this is relatively straight-forward. So far I've done the following:
sudo htpasswd -c /etc/squid/passwd A
And added the following to /etc/squid/squid.conf
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd
acl AUser proxy_auth A
http_access allow AUser
I believe this is the correct approach? Initially I got an error message about "can't use proxy auth because no authentication schemes are fully configured", but I resolved this by placing the auth_param basic program… line before the acl line. However when I restarted the squid service and entered the proxy IP address and port into my Browser (Chrome), it failed to load a page or indeed ask for a username/password. I then tracked this down to the fact I shouldn't have "http_access deny all" in the squid.conf file. I'm not sure if this is the best setup or indeed whether I'm creating any security issues, however it does seem to be working ok for me now.
Many thanks!
Best Answer
You simply need to check the authentication feature doc for squid which is available at
http://wiki.squid-cache.org/Features/Authentication
There are a number of authentication methods available with squid and everything is well documented in the above link. Go through it and choose the appropriate one for you.