{"id":155,"date":"2008-03-30T07:26:24","date_gmt":"2008-03-30T15:26:24","guid":{"rendered":"http:\/\/jim-zimmerman.com\/blog\/?p=155"},"modified":"2008-03-30T07:26:24","modified_gmt":"2008-03-30T15:26:24","slug":"blocking-web-access-via-squid","status":"publish","type":"post","link":"https:\/\/jim-zimmerman.com\/?p=155","title":{"rendered":"Blocking web access via squid"},"content":{"rendered":"<p>This is a configuration that I have used to restrict access to web sites via squid.  It seems to work well for a small number of users.  <\/p>\n<p>From \/etc\/squid\/squid.conf<br \/>\n&#8230;<br \/>\nacl Home proxy_auth REQUIRED<br \/>\nacl all src 0\/0<br \/>\nacl block url_regex -i &#8220;\/etc\/squid\/blockedsites.acl&#8221;<br \/>\nhttp_access deny block<br \/>\nacl allowsites url_regex -i &#8220;\/etc\/squid\/allowedsites.acl&#8221;<br \/>\nhttp_access allow Home allowsites<br \/>\nhttp_access deny all<br \/>\n&#8230;<\/p>\n<p>In \/etc\/squid\/blockedsites.acl, I listed strings that when contained in a url will not be permitted.  In \/etc\/squid\/allowedsites.acl, I listed domain name strings that are allowed.  For example, &#8220;.mozilla.org&#8221;.  Then, if I want to allow to all sites except those listed in the blockedsites.acl, I just add &#8220;.&#8221;. to the allowedsites.acl.<\/p>\n<p>Sample \/etc\/squid\/blockedsites.acl:<\/p>\n<p>&#8230;<br \/>\nmyspace.com<br \/>\nyoutube.com<br \/>\n&#8230;<\/p>\n<p>Sample \/etc\/squid\/allowedsites.acl:<\/p>\n<p>&#8230;<br \/>\n.<br \/>\n&#8230;<\/p>\n<p>This will allow users to go to all sites but myspace and youtube.<\/p>\n<p>However, in this sample \/etc\/squid\/allowedsites.acl:<\/p>\n<p>&#8230;<br \/>\n.google.com<br \/>\n&#8230;<\/p>\n<p>Users will only be allowed to go to google.com.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This is a configuration that I have used to restrict access to web sites via squid. It seems to work well for a small number of users. From \/etc\/squid\/squid.conf &#8230; acl Home proxy_auth REQUIRED acl all src 0\/0 acl block url_regex -i &#8220;\/etc\/squid\/blockedsites.acl&#8221; http_access deny block acl allowsites url_regex -i &#8220;\/etc\/squid\/allowedsites.acl&#8221; http_access allow Home allowsites [&#038;hellip<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-155","post","type-post","status-publish","format-standard","hentry","category-documentation"],"share_on_mastodon":{"url":"","error":""},"_links":{"self":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/posts\/155","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=155"}],"version-history":[{"count":0,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=\/wp\/v2\/posts\/155\/revisions"}],"wp:attachment":[{"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=155"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=155"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jim-zimmerman.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=155"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}