block malware using squid proxy

Hi Techrunnr Readers, this document deals with how to block malware using squid proxy.

Squid proxy is one of best opensource web proxy which has access control, caching for reducing bandwidth. It does web content filtering. Here are adding how to block malware using malware patrol.

Prerequisites

* Running squid server, if not installed follow this link
* Account in Malware patrol for updated malware lists.

Configuration

1. Copy the URL of malware list by logging to Malware Patrol.

2. Create a script for downloading the latest malware lists.

vi /etc/squid3/malware_patrol_update.sh

wget –no-check-certificate -O /etc/squid3/malware_patrol_blocklist 'copied URL'


/usr/sbin/squid3 -k reconfigure

save and exit.

3. change the permission of the script

chmod +x /etc/squid3/malware_patrol_update.sh

4. Configure squid proxy create ACL for blocking the malware.

acl malware url_regex -i “/etc/squid3/malware_patrol_blocklist”
http_access deny malware
deny_info http://www.malwarepatrol.net/denied.shtml malware

5. Add the script in crontab to download the latest malware list from malware patrol.

 

crontab -e


00 12 * * * sh /etc/squid3/malware_patrol_update.sh

That’s it, now you have completed configuring squid proxy with malware protection

© 2018, Techrunnr. All rights reserved.

#1
Questions Answered
Articles Written
Overall Points

Prabhin Prabharkaran

He is Technical professional. He is a person who loves to share tricks and tips on the Internet. He Posts what he does!!

Leave a Reply

Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.