Your own proxy server from scratch on a VPS/Dedicated/Hosting via ssh
Osnova sekce
-
-
Please use this chat if you have any questions or ideas or just to talk about course topics
-
-
This part is very easy, just register by the URL and create a Droplet with your first VPS server with 60 days free using(only by this URL), you can select any country you want from the list in the video, for example, if you located in Russia and want to get access some resources like LinkedIn then you can select any countries which will allow this access for you.
For example, it will be a USA proxy server secured with login and password only for your use, and additional security settings with blocking from other resources via Fail2Ban(you can learn more for free when completing this course), and like a bonus you will get free access to additional steps for install and use dedicated and VPS server for 12 months free and more with promo-actions from AWS Amazon, Alibaba, and Google VPS and you will see more ways for setup and work with it via other ways for connecting to your servers via SSH clients with secure keys and using FTP clients to get access to your server files via the same SSH secure access.
This time we will use a Linux terminal via SSH client from a DigitalOcean dashboard panel to access our installed VPS, and first of all, we will update our Debian OS repositories like this:
apt update
apt upgrade
Aktivity: 1 -
Again, we will use a Linux terminal via SSH client from a DigitalOcean dashboard panel to access our installed VPS, and this time we'll install a Squid server via a command-line interface, like this:
Aktivity: 0 -
This time we will use a Linux terminal via SSH client from a DigitalOcean dashboard panel to access our installed VPS, and now we will install a Database server MariaDB/MySQL via a command-line interface, like this:
apt install mariadb-server
Aktivity: 0 -
We need to make a Database(with user access the DB with login=proxy1 and password=1a968116a6552ee3451a42c1c8! and you must change all passwords later on your own, you will see how to do it in part number 10) and a table where we will store login and password for access sites via our proxy server, so no one else will use it instead of you.
We'll connect to our VPS like always via the dashboard panel, via the command-line interface, we'll use the command "mysql" under root user to create a new database with a table, like this:
mysql
[MariaDB CLI] > CREATE DATABASE squid;
[MariaDB CLI] > CREATE TABLE `passwd`(`user` varchar(32) NOT NULL default '', `password` varchar(35) NOT NULL default '', `enabled` tinyint(1) NOT NULL default '1', `fullname` varchar(60) default NULL, `comment` varchar(60) default NULL, PRIMARY KEY (`user`));
[MariaDB CLI] > GRANT SELECT ON squid.* TO 'proxy1'@'localhost' IDENTIFIED BY '1a968116a6552ee3451a42c1c8!';
[MariaDB CLI] > FLUSH PRIVILEGES;
[MariaDB CLI] > \q
Aktivity: 0 -
Now a time to configure mysql_module for your Squid proxy server so it can access the DB which we created in the previous part from where Squid will check if login and passwords for proxy authentication are correct or no.
So we will use a command in the Linux console to edit(via Vim (text editor)) these module settings (need to edit like in a video, login, and password from this part which we created to access the DB) like this:
vim /usr/lib/squid3/basic_db_auth
[VIM CLI] press i on your keyboard, so it will set the Vim to another state where you can edit the content of the file of /usr/lib/squid3/basic_db_auth
[VIM CLI] now edit the file the same way as in the video(use the cursor on your keyboard to navigate in the file content, for example, press arrow down for go to the down of the file while you not seeing similar data like in the video below, with login and password information for edit)
[VIM CLI] when you edit the file press ESC on your keyboard, so it will set the Vim to another state where you can enter commands
[VIM CLI] type :w for save the file, you can see how it looks like in the video
[VIM CLI] type :q for exit from the Vim editor, you can see how it looks like in the video
Aktivity: 0 -
We'll connect to our VPS like always via the dashboard panel, via the command-line interface, we'll use the command "mysql" under root user to insert data into the table for add a user which will be used for proxy authentication(later you will use it in a browser, login=test01 and password=i5h-28!wR6B7 when it asks.) to access sites via our proxy server, you can remember how we created this table recently from the previous part.
And now we go this way:
mysql
[MariaDB CLI] > INSERT INTO passwd VALUES('test01','i5h-28!wR6B7',1,'Test User','for web proxy in a browser');
[MariaDB CLI] > \q
Aktivity: 0 -
Now we will add some new strings(please use a file below, then just copy and paste strings to the end of the settings file like in the video).
These settings need in the Squid configuration file for proper handle login and password when someone will try to get access to sites via your Squid proxy server.
To begin you can use the Vim text editor, press CTRL+V on your keyboard to paste strings one by one(at the end of the file of /etc/squid/squid.conf), like in the video below(later in the course you will know about other ways to edit files more comfortably):
vim /etc/squid/squid.conf[VIM CLI] :9999
for the fast move to the end of the file, 9999 from here means the number of a string to where the Vim must moveAktivity: 0 -
We almost ready for the final test, now we need to stop the proxy server and make the last small change into the settings of Squid to allow connections to the sites via the proxy.
In the Linux Shell just run next commands:
vim /etc/squid/squid.conf[VIM CLI] write it without brackets: [ /http_access deny all ] - for searching this string after symbol of '/' and then please make it commented(type i for edit and use your keyboard) on the line in the file of /etc/squid/squid.conf with '#' at the beginning of this string like in the video below
[VIM CLI] press ESC on your keyboard, so it will set the Vim to another state where you can enter commands
[VIM CLI] :w
[VIM CLI ] :q
service squid restart
service squid status
And finally, after the last command, you will see a text with current proxy server status with words like these: active (running)
http_port 3128
http_port 3129 interceptAktivity: 0 -
Congratulations, you did it!✔️
We will use Firefox browser to test our proxy server and the website to see our IP address and "physical" location details when we use the proxy, please see the video below and test it, after this test, we will update our passwords for making it more secure.Aktivity: 0 -
So, now the time for make last security updates in your settings, first of all update login and password for a browser use, so you will know how to do it next time.
This topic only for your own way to do it and test, please write how you did it in the Completion Assignment.
Aktivity: 0 -
For the more secure way you need to change the login and the password for your Database user which responsible for connections between the Squid proxy server and MariaDB server, you passed a lot of detailed topics and know everything to complete this task.
So, just do it.
This topic only for your way to do it and test, please write how you did it in the Completion Assignment.
Aktivity: 0 -
Aktivity: 0