Guide: How to setup a VPS proxy

June 4, 2020

This guide will explain how you can use your Virtual Private Server (VPS) as a proxy. We are going to setup Squid (http://www.squid-cache.org/) as a running service on your Linux webserver.

1. Installing Squid

First, we have to install the required packages (press Y to confirm installation):

apt update
apt install squid apache2-utils

Immediately after this, run service squid stop to stop the proxy from running since we need to do a few security changes first.

You can check your Squid version like so:

squid -v

It should show the version somewhere, like Squid Cache: Version 3.5.12.

2. Configuring Squid

Next, the configuration file for Squid /etc/squid/squid.conf will have to be updated to activate some security measures.

The code below makes a backup copy of the configuration file, and strips all comments to make it easier to edit in the next step:

cd /etc/squid
mv squid.conf squid.conf.backup
grep -o '^[^#]*' squid.conf.backup > squid.conf

You should now have a /etc/squid/squid.conf file with roughly 20-30 lines of code. Open this file using

nano /etc/squid/squid.conf
which opens this file in the nano text editor.

Once opened, you have to copy the highlighted text below into your configuration file. This includes:

  • Defining which file contains the username+password for accessing your proxy (/etc/squid/.passwd).
  • Change the default proxy port 3128 to another port like 5554. This step is optional but recommended.

If you are not familiar with the nano text-editor, a simple way to update this file is to manually backspace the lines you don't need, and type over the highlighted lines below. Once done, press CTRL + X, Y and Enter to save and close the file.

Original file
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localhost
http_access deny all
http_port 3128
coredump_dir /var/spool/squid
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .               0       20%     4320
Updated file
acl SSL_ports port 443
acl Safe_ports port 80
acl Safe_ports port 21
acl Safe_ports port 443
acl Safe_ports port 70
acl Safe_ports port 210
acl Safe_ports port 1025-65535
acl Safe_ports port 280
acl Safe_ports port 488
acl Safe_ports port 591
acl Safe_ports port 777
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports

auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/.passwd
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow authenticated
http_port 5554

coredump_dir /var/spool/squid
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern (Release|Packages(.gz)*)$      0       20%     2880
refresh_pattern .               0       20%     4320

3. Defining a proxy password

Now, we are going to create the .passwd file in the /etc/squid directory, with a username+password of your choosing.

The code below adds a user named autobumper with the password uZdfYcaPjzJjPeCVy1ty7zbQ (you are free to copy this password since it is randomly generated when you refresh this page):

cd /etc/squid
htpasswd -vb .passwd autobumper uZdfYcaPjzJjPeCVy1ty7zbQ
chown proxy:proxy .passwd
chmod 600 .passwd

Once done, you should now have a /etc/squid/.passwd file assigned to the proxy:proxy user. You can check the contents using this command (which should show a hashed version of your password):

cat .passwd

4. Finishing up

Once you have completed all steps above, you are ready to start your squid proxy. Execute the following command:

service squid restart

This may take a minute, but after that your proxy should be up and running.

Depending on your server setup, you might have ufw active which is a Linux firewall. In order to access your proxy, you might still need to execute the following command to open up port 5554 as defined in your configuration file:

ufw allow 5554/tcp

5. Testing and using your proxy on autobumper.io

Now, to use the proxy with autobumper.io, go to your profile here, and fill in the following details:

  • Type HTTP
  • Host Your VPS IP
  • Port 5554 (or whichever port you defined in squid.conf)
  • Username autobumper (or whichever username is shown in .passwd)
  • Password uZdfYcaPjzJjPeCVy1ty7zbQ (or whichever password is hashed in .passwd)

Lastly, press the Test Proxy button which should show a success message.

Alternatively, you can test your proxy using cURL like so:

curl https://autobumper.io/ping -x http://autobumper:uZdfYcaPjzJjPeCVy1ty7zbQ@111.111.111.111:5554

You can then check the checkbox "Enable this proxy for all threads" to have every autobumper request go through your proxy. Forums will now see all your posts as coming from your VPS IP address instead of the autobumper rotating proxy.