Wednesday, May 6, 2015

HowTo Block Internet Explorer Browser With Squid Proxy Server on a Linux/Unix Server

I want to block Internet Explorer (MS-IE) browser on a squid proxy server running on a Linux or Unix-like systems. How can I block IE on a squid proxy server version 3.x?

You need to setup an acl on a squid proxy server to block Microsoft Internet Explorer or any other browser of your choice. This tutorials explains how to block
Tutorial details
DifficultyEasy (rss)
Root privilegesYes
RequirementsSquid 3.x
Estimated completion time5m
Internet Explorer browsers with Squid proxy running on a Ubuntu Linux and CentOS Linux version 6.x server. This is also useful to fix an known vulnerability coming from a specific version of browser. Please note the following acl based on user-agents and it can be spoofed easily.
Warning: Please note that third-party browser add-ons or bots can alter the user-agent string on the client side itself. So the following may not work at all.

Syntax to block squid using User-Agent header

The acl syntax is as follows tn match on User-Agent header:
acl acl_name_here browser User_Agent_Here

Step 1: Edit squid.conf

Type the following command:
sudo vi /etc/squid/squid.conf

Step 2: Enable User-agent log in squid.conf

Make sure access_log set to combined (default is squid):
access_log daemon:/var/log/squid3/access.log combined

Step 3: Update/append acl

Local acl section and append the following configuration directives to your squid.conf file:
## block all version of MSIE ##
acl block_browser browser MSIE
http_access deny block_browser
It is also possible to block specific version or other browsers too:
acl block_bad_browser browser MSIE.9
acl block_bad_browser browser MSIE.10
acl block_bad_browser browser Firefox
acl block_bad_browser browser Chrome/38
http_access deny block_bad_browser
You can also use the following syntax which is very fast:
acl aclname req_header header-name [-i] regex
Save and close the file.

Step 4: Reload squid server

To reload Squid Proxy Server without restarting squid daemon, enter:
sudo /usr/sbin/squid -k reconfigure

Step 5: Test it

Here is a sample screen showing blocked browser:
Fig.01: Firefox is blocked using Squid 3.x
Fig.01: Firefox is blocked using Squid 3.x

No comments:

Post a Comment