webwinkelkeur logo

4.7 avg.

5101+ reviews
webwinkelkeur logoView all

5101+ reviews

5101+ reviews

Order by 16:00 for same day shipping

14 days return

EN

Individual

Business

logologo

Customer Service

0

Setting up a Raspberry Pi Proxy Server

Expert
1 uur
129,95

In this project we will learn how to create a cheap but powerful proxy server using Squid (proxy software). This tutorial provides a complete step-by-step guide to installing and configuring Squid, including optional steps such as opening it up for external access and setting up mandatory authentication.

What is a proxy server?

A **proxy server** acts as an intermediary between your device and the internet. When you visit a website through a proxy, the proxy forwards your request and retrieves the data on your behalf. This can help hide your IP address and access blocked websites. A **proxy is not a VPN**, as a proxy only works for specific apps or browsers and does not **encrypt** your internet traffic. This means that your data may still be visible to your ISP or others on the same network. **However**, if a website uses **HTTPS** (as most do these days), your connection to that site will remain encrypted even if you use a proxy. So while you're not giving up all of your security, a VPN does provide an extra layer of privacy and protection. This project can be run on all Raspberry Pi models from the Raspberry Pi 3B onwards, including the Raspberry Pi Zero 's. Alternatively, you can install this on a server or computer running a Linux distribution such as Ubuntu.

Prepare system

Before we begin, it is important to update the system. Open the terminal, which can be found in the upper left corner of Raspberry Pi OS , next to the file explorer icon. Run the following commands to update the system:

```sh
sudo apt-get update -y
sudo apt-get upgrade -y
sudo apt autoremove -y
```

Installing Squid

After the system is updated, we install the proxy software (Squid). In addition, we install an additional package that will be used later for setting up authentication. If you do not want to use authentication, you can skip the second command.

```sh
sudo apt install squid -y
sudo apt install apache2-utils -y
```

Next, check that Squid is installed correctly and make sure the service is started automatically when the Raspberry Pi boots:

```sh
sudo systemctl status squid.service
sudo systemctl enable squid.service
```

If the status shows "Active: inactive (dead)" or "Unit squid.service could not be found.", you can run the following commands:

```sh
sudo systemctl start squid.service
```

If Squid is not installed correctly, repeat the installation procedure and check that all steps were performed correctly. ### Configuring Squid To configure Squid, we open its configuration file with the following command:

```sh
sudo nano /etc/squid/squid.conf
```

At the top of the file add the following lines:

```sh
via off
forwarded_for off
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
half_closed_clients off
connect_timeout 30 seconds
read_timeout 60 seconds
request_timeout 30 seconds
persistent_request_timeout 30 seconds
```

Save the changes with `CTRL+S` and close the editor with `CTRL+X`. Then restart Squid with:

```sh
sudo systemctl restart squid
```

The proxy server is now operational within the local network via port 3128. To find the local IP address of the Raspberry Pi , use the command:

```sh
ifconfig
```

On a Windows computer this can be done with:

```sh
ipconfig
```

Set up remote access to the proxy

To make the proxy reachable externally, port 3128 needs to be opened on the router. This process varies from router to router, but usually involves the following: 1. Find the router's IP address by running the `ifconfig` command on the Raspberry Pi or `ipconfig` on Windows. Typically, the router address is the local IP with the last digits replaced by `1` (for example `192.168.2.1`). 2. Open a web browser and enter this address. 3. Log into the router and find the "port forwarding" settings. 4. Open port 3128 for both incoming and outgoing traffic. 5. Save the changes. To allow Squid to accept external connections, add the following lines to the top of the config file:

```sh
acl all src 0.0.0.0/0
http_access allow all
```

Note: This will make the proxy publicly accessible. If you want to keep the proxy secure, follow these steps to enable authentication. To find your public IP address, visit a website like: - [https://ipchicken.com](https://ipchicken.com) - [https://whatismyip.com](https://whatismyip.com)

Set up authentication

To add a password and username, use the following commands:

```sh

You only use this the first time to create the password file. Replace "username" with your own username:

sudo htpasswd -c /etc/squid/passwords username

For additional users:

sudo htpasswd /etc/squid/passwords anotheruser
```

Next, modify the Squid configuration by adding the following lines:

```sh
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
# Vervang "http_access allow all" met:
http_access allow authenticated
```

Restart the Squid service:

```sh
sudo systemctl restart squid
```

Test proxy with authentication

To verify that the proxy is working properly, use the following command on a Windows PC:

```sh
curl -v -x http://gebruikersnaam:wachtwoord@lokaal_of_publiek_ip:3128 www.google.com
```

Your proxy server should now be working properly, both locally and remotely, with optional user authentication.

Related projects

project banner

Intermediate | Raspberry Pi

Raspberry Pi project: Pi-hole ad blocker

project banner

Intermediate | Raspberry Pi

Boot Raspberry Pi from USB or Network

project banner

Beginner | Raspberry Pi

Program your first Python project on a Raspberry Pi

Required products