One place for hosting & domains

      Create

      How To Create a Minecraft Server on Ubuntu 20.04


      The author selected the Tech Education Fund to receive a donation as part of the Write for DOnations program.

      Introduction

      Minecraft is a popular sandbox video game. Originally released in 2009, it allows players to build, explore, craft, and survive in a block 3D generated world. As of late 2019, it was the second best-selling video game of all time. In this tutorial, you will create your own Minecraft server so that you and your friends can play together. Specifically, you will install the necessary software packages to run Minecraft, configure the server to run, and then deploy the game.

      Alternately, you can explore DigitalOcean’s One-Click Minecraft: Java Edition Server as another installation path.

      This tutorial uses the Java version of Minecraft. If you purchased your version of Minecraft through the Microsoft App Store, you will be unable to connect to this server. Most versions of Minecraft purchased on gaming consoles such as the PlayStation 4, Xbox One, or Nintendo Switch are also the Microsoft version of Minecraft. These consoles are also unable to connect to the server built in this tutorial. You can obtain the Java version of Minecraft here.

      Prerequisites

      In order to follow this guide, you’ll need:

      Step 1 — Installing the Necessary Software Packages and Configure the Firewall

      With your server initialized, your first step is to install Java; you’ll need it to run Minecraft.

      Update the package index for the APT package manager:

      Next, install the OpenJDK version 8 of Java, specifically the headless JRE. This is a minimal version of Java that removes the support for GUI applications. This makes it ideal for running Java applications on a server:

      • sudo apt install openjdk-8-jre-headless

      You also need to use a software called screen to create detachable server sessions. screen allows you to create a terminal session and detach from it, leaving the process started on it running. This is important because if you were to start your server and then close your terminal, this would kill the session and stop your server. Install screen now:

      Now that you have the packages installed we need to enable the firewall to allow traffic to come in to our Minecraft server. In the initial server setup that you performed you only allowed traffic from SSH. Now you need to allow for traffic to come in via port 25565, which is the default port that Minecraft uses to allow connections. Add the necessary firewall rule by running the following command:

      Now that you have Java installed and your firewall properly configured, you will download the Minecraft server from the Minecraft website.

      Step 2 — Downloading the Latest Version of Minecraft

      Now you need to download the current version of the Minecraft server. You can do this by navigating to Minecraft’s Website and copying the link that says Download minecraft_server.X.X.X.jar, where the X’s are the latest version of the server.

      You can now use wget and the copied link to download the server:

      • wget https://launcher.mojang.com/v1/objects/bb2b6b1aefcd70dfd1892149ac3a215f6c636b07/server.jar

      If you intend to upgrade your Minecraft server, or if you want to run different versions of Minecraft, rename the downloaded server.jar to minecraft_server_1.15.2.jar, matching the highlighted version numbers to whatever version you just downloaded:

      • mv server.jar minecraft_server_1.15.2.jar

      If you want to download an older version of Minecraft, you can find them archived at mcversions.net. But this tutorial will focus on the current latest release. Now that you have your download let’s start configuring your Minecraft server.

      Step 3 — Configuring and Running the Minecraft Server

      Now that you have the Minecraft jar downloaded, you are ready to run it.

      First, start a screen session by running the screen command:

      Once you have read the banner that has appeared, press the SPACE bar. screen will present you with a terminal session like normal. This session is now detachable, which means that you’ll be able to start a command here and leave it running.

      You can now perform your initial configuration. Do not be alarmed when this next command throws an error. Minecraft has designed its installation this way so that users must first consent to the company’s licensing agreement. You will do this next:

      • java -Xms1024M -Xmx1024M -jar minecraft_server_1.15.2.jar nogui

      Before examining this command’s output, let’s take a closer look at all these command-line arguments, which are tuning your server:

      • Xms1024M – This configures the server to start running with 1024MB or 1GB of RAM running. You can raise this limit if you want your server to start with more RAM. Both M for megabytes and G for gigabytes are supported options. For example: Xms2G will start the server with 2 gigabytes of RAM.

      • Xmx1024M – This configures the server to use, at most, 1024M of RAM. You can raise this limit if you want your server to run at a larger size, allow for more players, or if you feel that your server is running slowly.

      • jar – This flag specifies which server jar file to run.

      • nogui – This tells the server not to launch a GUI since this is a server, and you don’t have a graphical user interface.

      The first time you run this command, which normally starts your server, it will instead generate the following error:

      Output

      [22:05:31] [22:05:31] [main/ERROR]: Failed to load properties from file: server.properties [22:05:31] [main/WARN]: Failed to load eula.txt [22:05:31] [main/INFO]: You need to agree to the EULA in order to run the server. Go to eula.txt for more info.

      These errors were generated because the server could not find two necessary files required for execution: the EULA (End User License Agreement), found in eula.txt, and the configuration file server.properties. Fortunately, since the server was unable to find these files, it created them in your current working directory.

      First, open eula.txt in nano or your favorite text editor:

      Inside this file, you will see a link to the Minecraft EULA. Copy the URL:

      ~/eula.txt

      #By changing the setting below to TRUE you are indicating your agreement to our EULA (https://account.mojang.com/documents/minecraft_eula).
      #Tue Mar 24 22:05:31 UTC 2020
      eula=false
      

      Open the URL in your web browser and read the agreement. Then return to your text editor and find the last line in eula.txt. Here, change eula=false to eula=true. Now save and close the file.

      Now that you’ve accepted the EULA, it is time to configure the server to your specifications.

      In your current working directory, you will also find the newly created server.properties file. This file contains all of the configuration options for your Minecraft server. You can find a detailed list of all server properties on the Official Minecraft Wiki. You will modify this file with your preferred settings before starting your server. This tutorial will cover the fundamental properties:

      Your file will appear like this:

      ~/server.properties

      #Minecraft server properties
      #Thu Apr 30 23:42:29 UTC 2020
      spawn-protection=16
      max-tick-time=60000
      query.port=25565
      generator-settings=
      force-gamemode=false
      allow-nether=true
      enforce-whitelist=false
      gamemode=survival
      broadcast-console-to-ops=true
      enable-query=false
      player-idle-timeout=0
      difficulty=easy
      spawn-monsters=true
      broadcast-rcon-to-ops=true
      op-permission-level=4
      pvp=true
      snooper-enabled=true
      level-type=default
      hardcore=false
      enable-command-block=false
      max-players=20
      network-compression-threshold=256
      resource-pack-sha1=
      max-world-size=29999984
      function-permission-level=2
      rcon.port=25575
      server-port=25565
      server-ip=
      spawn-npcs=true
      allow-flight=false
      level-name=world
      view-distance=10
      resource-pack=
      spawn-animals=true
      white-list=false
      rcon.password=
      generate-structures=true
      online-mode=true
      max-build-height=256
      level-seed=
      prevent-proxy-connections=false
      use-native-transport=true
      motd=A Minecraft Server
      enable-rcon=false
      

      Let’s take a closer look at some of the most important properties in this list:

      • difficulty (default easy) – This sets the difficulty of the game, such as how much damage is dealt and how the elements affect your player. The options are peaceful, easy, normal, and hard.

      • gamemode (default survival) – This sets the gameplay mode. The options are survival, creative,adventure, and spectator.

      • level-name (default world) – This sets the name of your server that will appear in the client. Characters such as the apostrophe may need to be escaped with a backslash.

      • motd (default A Minecraft Server) – The message that is displayed in the server list of the Minecraft client.

      • pvp (default true) – Enables Player versus Player combat. If set to true, players will be able to engage in combat and damage each other.

      Once you have set the options that you want, save and close the file.

      Now that you have changed EULA to true and configured your settings, you can successfully start your server.

      Like last time, let’s start your server with 1024M of RAM. Only now, let’s also grant Minecraft the ability to use up to 4G of RAM if it needs it. Remember, you are welcome to adjust this number to fit your server limitations or user needs:

      • java -Xms1024M -Xmx4G -jar minecraft_server_1.15.2.jar nogui

      Give the initialization a few moments. Soon your new Minecraft server will start producing an output similar to this:

      Output

      [21:08:14] [Server thread/INFO]: Starting minecraft server version 1.15.2 [21:08:14] [Server thread/INFO]: Loading properties [21:08:14] [Server thread/INFO]: Default game type: SURVIVAL [21:08:14] [Server thread/INFO]: Generating keypair [21:08:15] [Server thread/INFO]: Starting minecraft server on *:25565

      Once the server is up and running, you will see the following output:

      Output

      [21:15:37] [Server thread/INFO]: Done (30.762s)! For help, type "help"

      Your server is now running, and you have been dropped into the server administrator control panel. Now type help:

      An output like this will appear:

      Output

      [21:15:37] [Server thread/INFO]: /advancement (grant|revoke) [21:15:37] [Server thread/INFO]: /ban <targets> [<reason>] [21:15:37] [Server thread/INFO]: /ban-ip <target> [<reason>] [21:15:37] [Server thread/INFO]: /banlist [ips|players] ...

      From this terminal you can execute administrator commands and control your Minecraft server. Now let’s use screen to keep your new server running, even after you log out. Then you can connect to your Minecraft client and start a new game.

      Step 4 — Keeping the Server Running

      Now that you have your server up, you want it to remain running even after you disconnect from your SSH session. Since you used screen earlier, you can detach from this session by pressing Ctrl + A + D. Now you’re back in your original shell.

      Run this command to see all of your screen sessions:

      You’ll get an output with the ID of your session, which you’ll need to resume that session:

      Output

      There is a screen on: 26653.pts-0.minecraft (03/25/20 21:18:31) (Detached) 1 Socket in /run/screen/S-root.

      To resume your session, pass the -r flag to the screen command and then enter your session ID:

      When you are ready to log out of your server, be sure to detach from the session with Ctrl + A + D and then log out.

      Step 5 — Connecting to Your Server from the Minecraft Client

      Now that your server is up and running, let’s connect to it through the Minecraft client. Then you can play!

      Launch your copy of Minecraft Java Edition and select Multiplayer in the menu.

      Select Multiplayer in the menu

      Next, you will need to add a server to connect to, so click on the Add Server button.

      Click the Add Server button

      In the Edit Server Info screen that shows up, give your server a name and type in the IP address of your server. This is the same IP address that you used to connect through SSH.

      Name your server and type in the IP address

      Once you have entered your server name and IP address, you’ll be taken back to the Multiplayer screen where your server will now be listed.

      Select your server and click Join Server

      From now on, your server will always appear in this list. Select it and click Join Server.

      Enjoy the game!

      You are in your server and ready to play!

      Conclusion

      You now have a Minecraft server running on Ubuntu 20.04 for you and all of your friends to play on! Have fun exploring, crafting, and surviving in a crude 3D world. And remember: watch out for griefers.



      Source link

      How to Create an HTTP Proxy Using Squid on Ubuntu 18.04


      Updated by Rajakavitha Kodhandapani

      Written by Linode

      This guide will show you how to create your own HTTP proxy using Squid, a highly customizable proxy/cache application, on Ubuntu 18.04. An HTTP proxy acts as an intermediary between you and the internet. While connected to your Squid HTTP proxy, you will be able to:

      • Anonymously access internet services.
      • Bypass certain regional and local network restrictions.

      Note

      Install Squid

      1. Secure your Linode by completing the instructions in our guide on Securing Your Server, including adding a limited user account and configuring a firewall.

        Note

        This guide is written for a limited, non-root user. Commands that require elevated privileges are prefixed with sudo. If you are not familiar with the sudo command, you can check our Users and Groups guide.
      2. Ensure that your system is up-to-date:

        sudo apt-get update && sudo apt-get upgrade
        
      3. Install Squid using the apt software package manager:

        sudo apt-get install squid
        
      4. Copy the original configuration file to keep as a backup:

        sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.default
        

        Note

        The Squid configuration file includes comprehensive documentation in its commented lines, along with several uncommented rules that will remain active. These default rules should not be modified while you are following this guide. To gain a deeper understanding of Squid’s options and default settings, you can review the full configuration file.

      Configure Client Access

      Now that you have Squid installed on your Linode, you can configure ways for it to accept connections and serve as an HTTP proxy. The following sections provide different ways for your Squid HTTP proxy to authenticate client connections. You can configure Squid to use either or both authentication methods.

      IP Address Authentication

      A simple way to use Squid as an HTTP proxy is to use a client’s IP address for authentication.

      1. Edit the Squid configuration file and add the following lines at the beginning of the file:

        /etc/squid/squid.conf
        1
        2
        
        acl client src 192.0.2.0 # Home IP
        http_access allow client

        Replace client with a name that identifies the client computer that will connect to your Squid HTTP proxy, then replace 192.0.2.0 with the client computer’s IP address. You can also update the optional comment # Home IP to further describe the client.

      2. Alternatively, you can configure multiple clients by adding new acl lines to /etc/squid/squid.conf and including them in the http_access allow line as follows:

        /etc/squid/squid.conf
        1
        2
        3
        
        acl client1 src 192.0.2.0 # Home IP
        acl client2 src 192.0.2.1 # Work IP
        http_access allow client1 client2

        Replace client1 and client2 with names that identify the client computers, then replace 192.0.2.0 and 192.0.2.1 with their corresponding IP addresses. Update the optional comments # Home IP and # Work IP with accurate descriptions to help keep track of multiple clients. Access to the proxy is granted by adding the names defined by each acl to the http_access allow line.

      User/Password Authentication

      You can also configure your Squid HTTP proxy to accept authentication with usernames and passwords.

      1. Install htpasswd by installing the Apache utility programs. If you have installed Apache on your Linode, you will already have it and can skip this step.

        sudo apt-get install apache2-utils
        
      2. Create a file to store Squid users and passwords:

        sudo touch /etc/squid/squid_passwd
        
      3. Change ownership of the password file:

        sudo chown proxy /etc/squid/squid_passwd
        
      4. Create a username password pair, replacing user1 with the name of the user you’d like to add:

        sudo htpasswd /etc/squid/squid_passwd user1
        

        You will be prompted to create a password for this user:

          
        New password:
        Re-type new password:
        Adding password for user user1
        
        

        You can repeat this step at any time to create new users.

      5. Check the location of the nsca_auth file:

        sudo dpkg -L squid | grep ncsa_auth
        
      6. Edit the Squid configuration file and add the following lines at the beginning of the file:

        Note

        Ensure that you update /usr/lib/squid/basic_ncsa_auth below with the location of the nsca_auth file that you checked in the previous step.

        /etc/squid/squid.conf
        1
        2
        3
        
        auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd
        acl ncsa_users proxy_auth REQUIRED
        http_access allow ncsa_users
      7. To remove a user’s access to the proxy, you must delete the corresponding entry in the squid_passwd file. Each user is represented in the file on a single line in the format of user:passwordhash:

        /etc/squid/squid_passwd
        1
        
        user1:$p948w3nvq3489v6npq396g user2:$q3cn478554387cq34n57vn

        If you are using Nano, the command Control+k will remove the entire line where the cursor rests.

        Once you’ve saved and exited the file, complete user removal by restarting Squid:

        sudo systemctl restart squid
        

      Combined Authentication

      You can combine authentication methods using the same acl definitions that you have added in the previous two sections by using a single http_access rule.

      1. Remove any previous http_access lines you have added.

      2. Edit the Squid configuration file so that the lines you have added at the beginning of the file follow this form:

        /etc/squid/squid.conf
        1
        2
        3
        4
        5
        
        acl client1 src 192.0.2.0 # Home IP
        acl client2 src 192.0.2.1 # Work IP
        auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd
        acl ncsa_users proxy_auth REQUIRED
        http_access allow client1 client2 ncsa_users

        Note

        Take care to avoid using multiple http_access rules when combining authentication methods, as Squid will follow the rules in the order that they appear. By using a single http_access rule for your acl definitions, you will ensure that several authentication methods will apply to each client that attempts to connect to your Squid HTTP proxy.

      Anonymize Traffic

      Here, you will add rules to mask client IP addresses from the servers that receive traffic from you Squid HTTP proxy. Without these rules, the originating client IP addresses may be passed on through the X-Forwarded For HTTP header.

      Add the following lines at the beginning of the Squid configuration file:

      /etc/squid/squid.conf
       1
       2
       3
       4
       5
       6
       7
       8
       9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      19
      20
      21
      22
      23
      24
      25
      26
      27
      28
      29
      30
      
      forwarded_for off
      request_header_access Allow allow all
      request_header_access Authorization allow all
      request_header_access WWW-Authenticate allow all
      request_header_access Proxy-Authorization allow all
      request_header_access Proxy-Authenticate allow all
      request_header_access Cache-Control allow all
      request_header_access Content-Encoding allow all
      request_header_access Content-Length allow all
      request_header_access Content-Type allow all
      request_header_access Date allow all
      request_header_access Expires allow all
      request_header_access Host allow all
      request_header_access If-Modified-Since allow all
      request_header_access Last-Modified allow all
      request_header_access Location allow all
      request_header_access Pragma allow all
      request_header_access Accept allow all
      request_header_access Accept-Charset allow all
      request_header_access Accept-Encoding allow all
      request_header_access Accept-Language allow all
      request_header_access Content-Language allow all
      request_header_access Mime-Version allow all
      request_header_access Retry-After allow all
      request_header_access Title allow all
      request_header_access Connection allow all
      request_header_access Proxy-Connection allow all
      request_header_access User-Agent allow all
      request_header_access Cookie allow all
      request_header_access All deny all

      Enable Connections

      Next, you will enable clients to connect to your Squid HTTP proxy.

      1. Save and exit the Squid configuration file.

      2. Restart Squid to enable the rules you have added:

        sudo systemctl restart squid
        
      3. Implement firewall rules to enable port 3128, which is the default service port used by Squid:

        sudo ufw allow 3128/tcp
        

        You can find more information on configuring firewall rules for Ubuntu in our guide on How to Configure a Firewall with UFW.

      Connect to your Squid HTTP Proxy

      Your Squid HTTP proxy is now ready to accept client connections and anonymously handle internet traffic.

      At this point, you can configure your local browser or operating system’s network settings to use your Linode as an HTTP proxy. The settings to do this will vary depending on your OS and browser. Instructions for certain OS and browser settings are located in the More Information section below.

      Generally, connecting to your Squid HTTP proxy requires the following information:

      • The IP address or domain name associated with your Linode.
      • The port that is being used by Squid. The default port is 3128.
      • A username and password if you have configured them for authentication.

      Once you have established your OS or browser settings, test the connection by pointing your browser at a website that tells you your IP address, such as:

      The result should display your Linode’s IP address instead of the IP address of your client computer.

      More Information

      You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

      This guide is published under a CC BY-ND 4.0 license.



      Source link

      How to Create an HTTP Proxy Using Squid on Debian 10


      Updated by Rajakavitha Kodhandapani

      Written by Linode

      This guide will show you how to create your own HTTP proxy using Squid, a highly customizable proxy/cache application, on Debian 10. An HTTP proxy acts as an intermediary between you and the internet. While connected to your Squid HTTP proxy, you will be able to:

      • Anonymously access internet services.
      • Bypass certain regional and local network restrictions.

      Note

      Install Squid

      1. Secure your Linode by completing the instructions in our guide on Securing Your Server, including adding a limited user account and configuring a firewall.

        Note

        This guide is written for a limited, non-root user. Commands that require elevated privileges are prefixed with sudo. If you are not familiar with the sudo command, you can check our Users and Groups guide.
      2. Ensure that your system is up-to-date:

        sudo apt-get update && sudo apt-get upgrade
        
      3. Install Squid using the apt software package manager:

        sudo apt-get install squid
        
      4. Copy the original configuration file to keep as a backup:

        sudo cp /etc/squid/squid.conf /etc/squid/squid.conf.default
        

        Note

        The Squid configuration file includes comprehensive documentation in its commented lines, along with several uncommented rules that will remain active. These default rules should not be modified while you are following this guide. To gain a deeper understanding of Squid’s options and default settings, you can review the full configuration file.

      Configure Client Access

      Now that you have Squid installed on your Linode, you can configure ways for it to accept connections and serve as an HTTP proxy. The following sections provide different ways for your Squid HTTP proxy to authenticate client connections. You can configure Squid to use either or both authentication methods.

      IP Address Authentication

      A simple way to use Squid as an HTTP proxy is to use a client’s IP address for authentication.

      1. Edit the Squid configuration file and add the following lines at the beginning of the file:

        /etc/squid/squid.conf
        1
        2
        
        acl client src 192.0.2.0 # Home IP
        http_access allow client

        Replace client with a name that identifies the client computer that will connect to your Squid HTTP proxy, then replace 192.0.2.0 with the client computer’s IP address. You can also update the optional comment # Home IP to further describe the client.

      2. Alternatively, you can configure multiple clients by adding new acl lines to /etc/squid/squid.conf and including them in the http_access allow line as follows:

        /etc/squid/squid.conf
        1
        2
        3
        
        acl client1 src 192.0.2.0 # Home IP
        acl client2 src 192.0.2.1 # Work IP
        http_access allow client1 client2

        Replace client1 and client2 with names that identify the client computers, then replace 192.0.2.0 and 192.0.2.1 with their corresponding IP addresses. Update the optional comments # Home IP and # Work IP with accurate descriptions to help keep track of multiple clients. Access to the proxy is granted by adding the names defined by each acl to the http_access allow line.

      User/Password Authentication

      You can also configure your Squid HTTP proxy to accept authentication with usernames and passwords.

      1. Install htpasswd by installing the Apache utility programs. If you have installed Apache on your Linode, you will already have it and can skip this step.

        sudo apt-get install apache2-utils
        
      2. Create a file to store Squid users and passwords:

        sudo touch /etc/squid/squid_passwd
        
      3. Change ownership of the password file:

        sudo chown proxy /etc/squid/squid_passwd
        
      4. Create a username password pair, replacing user1 with the name of the user you’d like to add:

        sudo htpasswd /etc/squid/squid_passwd user1
        

        You will be prompted to create a password for this user:

          
        New password:
        Re-type new password:
        Adding password for user user1
        
        

        You can repeat this step at any time to create new users.

      5. Check the location of the nsca_auth file:

        sudo dpkg -L squid | grep ncsa_auth
        
      6. Edit the Squid configuration file and add the following lines at the beginning of the file:

        Note

        Ensure that you update /usr/lib/squid/basic_ncsa_auth below with the location of the nsca_auth file that you checked in the previous step.

        /etc/squid/squid.conf
        1
        2
        3
        
        auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd
        acl ncsa_users proxy_auth REQUIRED
        http_access allow ncsa_users
      7. To remove a user’s access to the proxy, you must delete the corresponding entry in the squid_passwd file. Each user is represented in the file on a single line in the format of user:passwordhash:

        /etc/squid/squid_passwd
        1
        
        user1:$p948w3nvq3489v6npq396g user2:$q3cn478554387cq34n57vn

        If you are using Nano, the command Control+k will remove the entire line where the cursor rests.

        Once you’ve saved and exited the file, complete user removal by restarting Squid:

        sudo systemctl restart squid
        

      Combined Authentication

      You can combine authentication methods using the same acl definitions that you have added in the previous two sections by using a single http_access rule.

      1. Remove any previous http_access lines you have added.

      2. Edit the Squid configuration file so that the lines you have added at the beginning of the file follow this form:

        /etc/squid/squid.conf
        1
        2
        3
        4
        5
        
        acl client1 src 192.0.2.0 # Home IP
        acl client2 src 192.0.2.1 # Work IP
        auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/squid_passwd
        acl ncsa_users proxy_auth REQUIRED
        http_access allow client1 client2 ncsa_users

        Note

        Take care to avoid using multiple http_access rules when combining authentication methods, as Squid will follow the rules in the order that they appear. By using a single http_access rule for your acl definitions, you will ensure that several authentication methods will apply to each client that attempts to connect to your Squid HTTP proxy.

      Anonymize Traffic

      Here, you will add rules to mask client IP addresses from the servers that receive traffic from you Squid HTTP proxy. Without these rules, the originating client IP addresses may be passed on through the X-Forwarded For HTTP header.

      Add the following lines at the beginning of the Squid configuration file:

      /etc/squid/squid.conf
       1
       2
       3
       4
       5
       6
       7
       8
       9
      10
      11
      12
      13
      14
      15
      16
      17
      18
      19
      20
      21
      22
      23
      24
      25
      26
      27
      28
      29
      30
      
      forwarded_for off
      request_header_access Allow allow all
      request_header_access Authorization allow all
      request_header_access WWW-Authenticate allow all
      request_header_access Proxy-Authorization allow all
      request_header_access Proxy-Authenticate allow all
      request_header_access Cache-Control allow all
      request_header_access Content-Encoding allow all
      request_header_access Content-Length allow all
      request_header_access Content-Type allow all
      request_header_access Date allow all
      request_header_access Expires allow all
      request_header_access Host allow all
      request_header_access If-Modified-Since allow all
      request_header_access Last-Modified allow all
      request_header_access Location allow all
      request_header_access Pragma allow all
      request_header_access Accept allow all
      request_header_access Accept-Charset allow all
      request_header_access Accept-Encoding allow all
      request_header_access Accept-Language allow all
      request_header_access Content-Language allow all
      request_header_access Mime-Version allow all
      request_header_access Retry-After allow all
      request_header_access Title allow all
      request_header_access Connection allow all
      request_header_access Proxy-Connection allow all
      request_header_access User-Agent allow all
      request_header_access Cookie allow all
      request_header_access All deny all

      Enable Connections

      Next, you will enable clients to connect to your Squid HTTP proxy.

      1. Save and exit the Squid configuration file.

      2. Restart Squid to enable the rules you have added:

        sudo systemctl restart squid
        
      3. Implement firewall rules to enable port 3128, which is the default service port used by Squid:

        sudo ufw allow 3128/tcp
        

        You can find more information on configuring firewall rules for Debian in our guide on How to Configure a Firewall with UFW.

      Connect to your Squid HTTP Proxy

      Your Squid HTTP proxy is now ready to accept client connections and anonymously handle internet traffic.

      At this point, you can configure your local browser or operating system’s network settings to use your Linode as an HTTP proxy. The settings to do this will vary depending on your OS and browser. Instructions for certain OS and browser settings are located in the More Information section below.

      Generally, connecting to your Squid HTTP proxy requires the following information:

      • The IP address or domain name associated with your Linode.
      • The port that is being used by Squid. The default port is 3128.
      • A username and password if you have configured them for authentication.

      Once you have established your OS or browser settings, test the connection by pointing your browser at a website that tells you your IP address, such as:

      The result should display your Linode’s IP address instead of the IP address of your client computer.

      More Information

      You may wish to consult the following resources for additional information on this topic. While these are provided in the hope that they will be useful, please note that we cannot vouch for the accuracy or timeliness of externally hosted materials.

      This guide is published under a CC BY-ND 4.0 license.



      Source link