Squid is a proxy for the Web that provides extensive access control lists, reduces bandwidth consumption and improves response times by caching and reusing frequently requested web pages. It runs on most available operating systems, including Linux and Windows. It is licensed under the GNU GPL.
Malware Patrol provides block lists compatible with Squid3. You can follow these simple steps to configure your Squid instance and protect the internal network, computers and users from getting infected by malware.
1) Make sure your Squid3 instance is installed and working properly. There are several resources on the Internet that can help you configure Squid3 in your platform. If you are experiencing trouble installing and configuring Squid3, start at: http://www.squid-cache.org/.
2) On the server running Squid3, create a file called /etc/squid3/malware_patrol_update.sh. For example:
3) Log into your account with Malware Patrol and look for Squid Web Proxy ACL. Right click on "download" and select "Copy link location", you will need this URL on the next step.
4) Paste the following command into the newly created file, substituting _URL_YOU_JUST_COPIED_ by the URL you have copied on the previous step:
wget --no-check-certificate -O /etc/squid3/malware_patrol_blocklist '_URL_YOU_JUST_COPIED_'
5) It is very important to make sure that the URL you have copied from your account with Malware Patrol is enclosed in single quotes. For example:
wget --no-check-certificate -O /etc/squid3/malware_patrol_blocklist 'https://lists.malwarepatrol.net/cgi/getfile?receipt=01234567890&product=13&list=squid'
6) Add the following line to the file and save it:
/usr/sbin/squid3 -k reconfigure
7) Add execute permissions to the recently created file, executing this command:
chmod +755 /etc/squid3/malware_patrol_update.sh
8) Now we need to configure Squid3 to use the block list. Edit the file /etc/squid3/squid.conf. For example:
9) Add the following lines to the file, at the appropriate sections:
acl malware url_regex -i "/etc/squid3/malware_patrol_blocklist"
http_access deny malware
deny_info http://www.malwarepatrol.net/denied.shtml malware
10) Execute the recently created file that will download the latest block list and restart Squid:
11) Notice that Squid3 will take longer than usual to start because it needs to read thousands of entries that will protect you from malware infections.
12) You should now configure a cronjob to automatically update the Malware Patrol block list. The following command should be executed every hour:
/bin/sh /etc/squid3/malware_patrol_update.sh. Please choose minutes not close to 00, 01 and 59.
If you experience any difficulties configuring Squid3 to use Malware Patrol block lists, please make sure it is working properly and contact our tech support at support (@) malwarepatrol.net.
Back to top