16.4. Configuring a Domain Blacklist in Squid
Frequently, administrators want to block access to specific domains. This section describes how to configure a domain blacklist in Squid.
Prerequisites
- Squid is configured, and users can use the proxy.
Procedure
- Edit the
/etc/squid/squid.conf
file and add the following settings:acl domain_blacklist dstdomain "/etc/squid/domain_blacklist.txt" http_access deny all domain_blacklist
Important
Add these entries before the firsthttp_access allow
statement that allows access to users or clients. - Create the
/etc/squid/domain_blacklist.txt
file and add the domains you want to block. For example, to block access toexample.com
including subdomains and to blockexample.net
, add:.example.com example.net
Important
If you referred to the/etc/squid/domain_blacklist.txt
file in the squid configuration, this file must not be empty. If the file is empty, Squid fails to start. - Restart the
squid
service:# systemctl restart squid