You need to setup an acl on a squid proxy server to block Microsoft Internet Explorer or any other browser of your choice. This tutorials explains how to block Internet Explorer browsers with Squid proxy running on a Ubuntu Linux and CentOS Linux version 6.x server. This is also useful to fix an known vulnerability coming from a specific version of browser. Please note the following acl based on user-agents and it can be spoofed easily.
Warning: Please note that third-party browser add-ons or bots can alter the user-agent string on the client side itself. So the following may not work at all.
Syntax to block squid using User-Agent header
The acl syntax is as follows tn match on User-Agent header:
acl acl_name_here browser User_Agent_Here
Step 1: Edit squid.conf
Type the following command:
sudo vi /etc/squid/squid.conf
Step 2: Enable User-agent log in squid.conf
Make sure access_log set to combined (default is squid):
access_log daemon:/var/log/squid3/access.log combined
Step 3: Update/append acl
Local acl section and append the following configuration directives to your squid.conf file:
## block all version of MSIE ## acl block_browser browser MSIE http_access deny block_browser
It is also possible to block specific version or other browsers too:
acl block_bad_browser browser MSIE.9 acl block_bad_browser browser MSIE.10 acl block_bad_browser browser Firefox acl block_bad_browser browser Chrome/38 http_access deny block_bad_browser
You can also use the following syntax which is very fast:
acl aclname req_header header-name [-i] regex
Save and close the file.
Step 4: Reload squid server
To reload Squid Proxy Server without restarting squid daemon, enter:
sudo /usr/sbin/squid -k reconfigure
Step 5: Test it
Here is a sample screen showing blocked browser:
Fig.01: Firefox is blocked using Squid 3.x
References
- Squid configuration directive acl documentation.
0 comments:
Post a Comment