15.4. Configuring a Domain Blacklist in Squid
- Squid is configured, and users can use the proxy.
- Edit the
/etc/squid/squid.conffile and add the following settings:
acl domain_blacklist dstdomain "/etc/squid/domain_blacklist.txt" http_access deny all domain_blacklist
ImportantAdd these entries before the first
http_access allowstatement that allows access to users or clients.
- Create the
/etc/squid/domain_blacklist.txtfile and add the domains you want to block. For example, to block access to
example.comincluding subdomains and to block
ImportantIf you referred to the
/etc/squid/domain_blacklist.txtfile in the squid configuration, this file must not be empty. If the file is empty, Squid fails to start.
- Restart the
# systemctl restart squid