How to Set Up an Anonymous Proxy Server on CentOS 7 using Squid

Most users don’t realise that when using a simple HTTP proxy, your IP can be exposed to the web server within your headers – you may have seen these named as an “Elite Proxy” before – this type of proxy ultimately makes you anonymous by hiding your actual IP address and not telling the web server that you’re using a proxy. So the webserver will see that your IP is your proxy IP (but can’t tell you’re using a proxy).

Edit the Squid config /etc/squid/squid.conf and add the following lines:

# Do not show client IP address
forwarded_for off
via off
# Prefer IPv4
dns_v4_first on
# Bypass all validation errors, and do not verify
sslproxy_cert_error allow all
sslproxy_flags DONT_VERIFY_PEER

# Request Headers
## Deny following requests for an anonymous config
request_header_access Via deny all
request_header_access Forwarded-For deny all
request_header_access X-Forwarded-For deny all
request_header_access Referer deny all
request_header_access From deny all
request_header_access Cookie deny all

## Allow all Others
request_header_access All allow all

# Replace User-agent string
request_header_replace User-Agent 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.82 Safari/537.36'

# Reply Headers
## Deny following replies for an anonymous config
reply_header_access Via deny all
reply_header_access Server deny all
reply_header_access WWW-Authenticate deny all
reply_header_access Link deny all
reply_header_access Cookie deny all

## Allow all others 
reply_header_access All allow all

Restart the squid service to reload the configuration:

service squid restart

Now when you visit most proxy-checking sites, it will not show as a proxy IP.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.