How can I prevent squid from being detected?

Question

I've set up a proxy server on AWS in the US in order to allow me to browse the american internet from the UK, however I would like to hide this so that the reverse end cannot detect I am using squid. Is this possible, and if so, how?

BTW - the fact you're using squid shouldn't matter. Lots of offices will have traffic routes through a squid server where ever they are in the world. I can't think of a site which has ever blocked me due to using a proxy. Perhaps your guilty conscience is making you feel a little paranoid :-) — Coops, Mar 01 '11 at 21:54
This is good to know! The main purpose is to get websites that are showing content based on geolocation to show me American content (rather than UK content, where I am based). So far though, with these settings, it appears to be working! — chrism2671, Mar 03 '11 at 13:25

score 19 · Accepted Answer · answered Mar 01 '11 at 21:50

19

You can inhibit X-Forwarded-For with

header_access X-Forwarded-For deny all

in squid.conf

this is all I've required but further headers you may wish to deny are at http://www.christianschenk.org/blog/enhancing-your-privacy-using-squid-and-privoxy/

answered Mar 01 '11 at 21:50

jamespo

1,698
12
12

2

and also it's good to add "via off" – luchaninov Dec 19 '14 at 12:42
7

Since squid3 you need to use `request_header_access` instead of `header_access` (it's deprecated) – kazy Aug 18 '15 at 15:56
The `via` header leaks through with this setting. The extended settings in the link include the deny to clean that up – Matt Sep 14 '21 at 05:53

score 14 · Answer 2 · edited Aug 26 '15 at 19:03

14

This is straight from my squid.conf:

#Privacy Things
via off
forwarded_for off
follow_x_forwarded_for deny all

Since version 3.0 you need to build squid from source for these limitations to work with some special flag for './configure'. This is how I build mine:

./configure --enable-http-violations --prefix=/usr --includedir=/usr/include \
  --datadir=/usr/share --bindir=/usr/sbin --libexecdir=/usr/lib/squid        \
  --localstatedir=/var --sysconfdir=/etc/squid --enable-auth="ntlm,basic"    \
  --enable-follow-x-forwarded-for

(CentOS 5.5)

edited Aug 26 '15 at 19:03

BamaPookie

240
1
9

answered Mar 02 '11 at 08:45

Bart De Vos

17,761
6
62
81

1

(note from Seanp2k: on my system, Ubuntu 11.04, Squid3 was able to do this without recompiling) – user9517 Jul 30 '11 at 19:55
Possible. Depends on the version in the repositories. – Bart De Vos Jul 30 '11 at 21:53
4

I prefer "forwarded_for delete" instead of "off" – dustmachine Mar 01 '13 at 17:47

score 3 · Answer 3 · answered Jan 16 '17 at 14:16

this is my config, now my squid proxy not detected anymore.

#Anonymizing traffic
forwarded_for off
#request_header_access Allow allow all
#request_header_access All allow all

request_header_access X-Forwarded-For deny all
request_header_access Via  deny all

Sean Reifschneider · Answer 4 · 2011-03-02T08:39:14.343

2

Have you considered setting up a VPN to the AWS instance instead of setting up Squid? Then route traffic through the AWS instance, which would avoid squid and be undetectable. Just throwing it out there. That's exactly how a friend of mine set up a VPS in the UK to access the BBC.

edited Mar 02 '11 at 08:39

answered Mar 02 '11 at 03:08

Sean Reifschneider

10,370
3
24
28

score 1 · Answer 5 · answered Jan 17 '17 at 13:29

Turn Squid3 headers off

via off
forwarded_for off

request_header_access From deny all
request_header_access Server deny all
request_header_access WWW-Authenticate deny all
request_header_access Link deny all
request_header_access Cache-Control deny all
request_header_access Proxy-Connection deny all
request_header_access X-Cache deny all
request_header_access X-Cache-Lookup deny all
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
request_header_access Pragma deny all
request_header_access Keep-Alive deny all

How can I prevent squid from being detected?

5 Answers5

Linked