前面总结了 基于Xen的VPS的web服务器的配置:ubuntu+nginx+php,下面记录下squid服务器的配置。

安装很简单:apt-get install squid

配置中的重点是打开用户验证。

通过htpasswd建立用户名密码文件,然后在squid的配置文件中设置。

http_port 3128
auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/squid.password
auth_param basic children 5
auth_param basic realm Hamo’s Private Proxy
auth_param basic credentialsttl 4 hours

acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
acl localnet src 172.16.0.0/12    # RFC1918 possible internal network
acl localnet src 192.168.0.0/16    # RFC1918 possible internal network

acl SSL_ports port 443        # https
acl SSL_ports port 563        # snews
acl SSL_ports port 873        # rsync
acl Safe_ports port 80        # http
acl Safe_ports port 21        # ftp
acl Safe_ports port 443        # https
acl Safe_ports port 70        # gopher
acl Safe_ports port 210        # wais
acl Safe_ports port 1025-65535    # unregistered ports
acl Safe_ports port 280        # http-mgmt
acl Safe_ports port 488        # gss-http
acl Safe_ports port 591        # filemaker
acl Safe_ports port 777        # multiling http
acl Safe_ports port 631        # cups
acl Safe_ports port 873        # rsync
acl Safe_ports port 901        # SWAT
acl purge method PURGE
acl CONNECT method CONNECT

acl normal proxy_auth REQUIRED

http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny to_localhost
http_access allow localhost
http_access allow normal
http_access deny all

然后重启squid即可。