All Squid proxy server settings are made in the /etc/squid/squid.conf file. To start Squid for the first time, no changes are necessary in this file, but external clients are initially denied access. The proxy is available for localhost. The default port is 3128. The preinstalled configuration file /etc/squid/squid.conf provides detailed information about the options and many examples. Nearly all entries begin with # (the lines are commented) and the relevant specifications can be found at the end of the line. The given values almost always correlate with the default values, so removing the comment signs without changing any of the parameters actually has little effect in most cases. If possible, leave the sample as it is and insert the options along with the modified parameters in the line below. This way, the default values may easily be recovered and compared with the changes.



[Tip] Adapting the Configuration File after an Update
If you have updated from an earlier Squid version, it is recommended to edit the new /etc/squid/squid.conf and only apply the changes made in the previous file. If you try to use the old squid.conf, risk that the configuration no longer works, because options are sometimes modified and new changes added.

31.4.1. General Configuration Options (Selection)

http_port 3128

This is the port on which Squid listens for client requests. The default port is 3128, but 8080 is also common. If desired, specify several port numbers separated by blank spaces.

cache_peer hostname type proxy-port icp-port

Here, enter a parent proxy, for example, if you want to use the proxy of your ISP. As hostname, enter the name and IP address of the proxy to use and, as type, enter parent. For proxy-port, enter the port number that is also given by the operator of the parent for use in the browser, usually 8080. Set the icp-port to 7 or 0 if the ICP port of the parent is not known and its use is irrelevant to the provider. In addition, default and no-query may be specified after the port numbers to prohibit the use of the ICP protocol. Squid then behaves like a normal browser as far as the provider's proxy is concerned.

cache_mem 8 MB

This entry defines the amount of memory Squid can use for very popular replies. The default is 8 MB. This does not specify the memory usage of Squid and may be exceeded.

cache_dir ufs /var/cache/squid/ 100 16 256

The entry cache_dir defines the directory where all the objects are stored on disk. The numbers at the end indicate the maximum disk space in MB to use and the number of directories in the first and second level. The ufs parameter should be left alone. The default is 100 MB occupied disk space in the /var/cache/squid directory and creation of 16 subdirectories inside it, each containing 256 more subdirectories. When specifying the disk space to use, leave sufficient reserve disk space. Values from a minimum of 50% to a maximum of 80% of the available disk space make the most sense here. The last two numbers for the directories should only be increased with caution, because too many directories can also lead to performance problems. If you have several disks that share the cache, enter severalcache_dir lines.

cache_access_log /var/log/squid/access.log, cache_log /var/log/squid/cache.log, cache_store_log /var/log/squid/store.log

These three entries specify the paths where Squid logs all its actions. Normally, nothing is changed here. If Squid is experiencing a heavy usage burden, it might make sense to distribute the cache and the log files over several disks.

emulate_httpd_log off

If the entry is set to on, obtain readable log files. Some evaluation programs cannot interpret this, however.

client_netmask 255.255.255.255

With this entry, mask IP addresses of clients in the log files. The last digit of the IP address is set to zero if you enter 255.255.255.0 here. You may protect the privacy of your clients that way.

ftp_user Squid@

With this, set the password Squid should use for the anonymous FTP login. It can make sense to specify a valid e-mail address here, because some FTP servers check these for validity.

cache_mgr webmaster

An e-mail address to which Squid sends a message if it unexpectedly crashes. The default is webmaster.

logfile_rotate 0

If you run squid -k rotate, Squid can rotate secured log files. The files are numbered in this process and, after reaching the specified value, the oldest file is overwritten. The default value is 0 because archiving and deleting log files is carried out by a cron job set in the configuration file /etc/logrotate/squid.

append_domain <domain>

With append_domain, specify which domain to append automatically when none is given. Usually, your own domain is entered here, so entering www in the browser accesses your own Web server.

forwarded_for on

If you set the entry to off, Squid removes the IP address and the system name of the client from HTTP requests. Otherwise it adds a line to the header like

X-Forwarded-For: 192.168.0.1

negative_ttl 5 minutes; negative_dns_ttl 5 minutes

Normally, you do not need to change these values. If you have a dial-up connection, however, the Internet may, at times, not be accessible. Squid makes a note of the failed requests then refuses to issue new ones, although the Internet connection has been reestablished. In a case such as this, change the minutes to seconds then, after clicking Reload in the browser, the dial-up process should be reengaged after a few seconds.

never_direct allow acl_name

To prevent Squid from taking requests directly from the Internet, use the above command to force connection to another proxy. This must have previously been entered in cache_peer. If all is specified as the acl_name, force all requests to be forwarded directly to the parent. This might be necessary, for example, if you are using a provider that strictly stipulates the use of its proxies or denies its firewall direct Internet access.

31.4.2. Options for Access Controls

Squid provides a detailed system for controlling the access to the proxy. By implementing ACLs, it can be configured easily and comprehensively. This involves lists with rules that are processed sequentially. ACLs must be defined before they can be used. Some default ACLs, such as all and localhost, already exist. However, the mere definition of an ACL does not mean that it is actually applied. This only happens in conjunction with http_access rules.

acl <acl_name> <type> <data>

An ACL requires at least three specifications to define it. The name <acl_name> can be chosen arbitrarily. For <type>, select from a variety of different options, which can be found in the ACCESS CONTROLS section in the /etc/squid/squid.conf file. The specification for <data> depends on the individual ACL type and can also be read from a file, for example, via hostnames, IP addresses, or URLs. The following are some simple examples:

acl mysurfers srcdomain .my-domain.com
acl teachers src 192.168.1.0/255.255.255.0
acl students src 192.168.7.0-192.168.9.0/255.255.255.0
acl lunch time MTWHF 12:00-15:00

http_access allow <acl_name>

http_access defines who is allowed to use the proxy and who can access what on the Internet. For this, ACLs must be given. localhost and all have already been defined above, which can deny or allow access via deny or allow. A list containing any number of http_access entries can be created, processed from top to bottom, and, depending on which occurs first, access is allowed or denied to the respective URL. The last entry should always be http_access deny all. In the following example, the localhost has free access to everything while all other hosts are denied access completely.

http_access allow localhost
http_access deny all

In another example using these rules, the group teachers always has access to the Internet. The group students only gets access Monday to Friday during lunch time.

http_access deny localhost
http_access allow teachers
http_access allow students lunch time
http_access deny all

The list with the http_access entries should only be entered, for the sake of readability, at the designated position in the /etc/squid/squid.conf file. That is, between the text

# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR
# CLIENTS

and the last

http_access deny all

redirect_program /usr/bin/squidGuard

With this option, specify a redirector such as squidGuard, which allows blocking unwanted URLs. Internet access can be individually controlled for various user groups with the help of proxy authentication and the appropriate ACLs. squidGuard is a separate package that can be installed and configured.

auth_param basic program /usr/sbin/pam_auth

If users must be authenticated on the proxy, set a corresponding program, such as pam_auth. When accessing pam_auth for the first time, the user sees a login window in which to enter the username and password. In addition, an ACL is still required, so only clients with a valid login can use the Internet:

acl password proxy_auth REQUIRED

http_access allow password
http_access deny all

The REQUIRED after proxy_auth can be replaced with a list of permitted usernames or with the path to such a list.

ident_lookup_access allow <acl_name>

With this, have an ident request run for all ACL-defined clients to find each user's identity. If you apply all to the <acl_name>, this is valid for all clients. Also, an ident daemon must be running on all clients. For Linux, install the pidentd package for this purpose. For Microsoft Windows, free software is available for download from the Internet. To ensure that only clients with a successful ident lookup are permitted, define a corresponding ACL here:

acl identhosts ident REQUIRED

http_access allow identhosts
http_access deny all

Here, too, replace REQUIRED with a list of permitted usernames. Using ident can slow down the access time quite a bit, because ident lookups are repeated for each reques

Read More

Each and every people in the world wants to monetize their precious time with the help of various resources either offline or online. If we talk about making money online then not a single person deny the fact that Google AdSense program is one of the best resource for earning handsome money from your Blogs, Websites, Mobile sites, Games, YouTube Videos and site search results etc.

Did you know? It was June 18, 2003 when Google launched advertising monetization program named Google AdSense which has now grown to include over 2 million publishers (including me) who earned more than $7 billion from AdSense in the year, 2012 alone.

Moreover, Indian AdSense Publishers will now get their AdSense earnings directly into their bank account through EFT payment system which has newly available to them with effect from March, 2014.

Now, come to the point that how to get Google AdSense Approval for your Blog or Website. Well! This is one of the frequently asked questions by our readers that why their application get rejected for Google AdSense.

Here is the extract of Email received from adsense-noreply@google.com by applicant for the subject – “Your AdSense application status”:-

“Thank you for your interest in Google AdSense. Unfortunately, after reviewing your application, we’re unable to accept you into AdSense at this time.”

OR

If someone is already earning from YouTube videos, they may get email like this:-

“Thank you for your interest in expanding your Google AdSense account to implement ad code on your own website. Unfortunately, after reviewing your application, we’re unable to approve this application for the time being. Your existing AdSense account that allows you to show ads on partner sites is not affected by this disapproval.”

Most of the common reasons/issues for disapproval are:

Site does not comply with Google policies
Site does not comply with the Google AdSense program policies
Insufficient content (as explained in later para)
Site does not adhere to the Webmaster Quality guidelines
If you are one of those applicants whose AdSense application has been rejected again and again then please ask from yourself only one question:-

Why Should Someone visit your Site First?

I am sure you will get your answer and you will get your approved AdSense account thereafter. The good news is that now you will be able to immediate access to your AdSense account once you sign up.

How to participate in Google AdSense Program

Actually, there are some basic requirement for eligibility to participate in AdSense online program which has been briefly discussed hereunder:

A) Google Account:

I know that most of you have already Gmail account and if you haven’t then please create a Google account needed to sign in to AdSense. All information regarding acceptance, rejection, payments etc. in relation to AdSense will be mailed to your Gmail account by Google AdSense Team.

You should always be careful while providing your personal details at the time of creating a new Google Account. This is because if you will provide wrong information like Full Name, Age and Address etc. then your application might be rejected by AdSense team.

B) Age Requirement:

In accordance with the AdSense Terms and Conditions, applicants must be at least 18 years of age. Thus, if you are not 18 years old then you will not be able to participate in Google AdSense irrespective of satisfying all other conditions.

In that case there is a simple trick that you may provide your parents or guardian name instead of yours at the time of making application (see the procedure below) while signing up for AdSense Program.

C) Blog or Website:

Yes! If you are running your own website then it is OK otherwise you should have to create one free Blog with Blogger.com to monetize the contents on your Blogger Blogs or Websites. However, if you have more than one blog/site then please provide the address of your best site which comply all conditions mentioned as under.

1) Website/Blog Ownership:

It is compulsory to have your own site or blog so that you can access the HTML source code to place the AdSense Ad Units code which displays Ads on your site. Otherwise your AdSense account shall not be approved on final review made by AdSense team.

It is not mandatory that you must have a custom domain for your blogger blog but I strongly recommend you to purchase a domain preferably top level domain like aubsp.com, and example.net etc. for your BlogSpot.com blogs.

2) Website/Blog Contents:

Think as an advertiser’s point of view that why you will go for a site which has not quality contents. Remind one thing that AdSense works by crawling the contents of each and every single webpages on your blog/site.

i) Post Quality: I mean every webpage contain enough textual contents to complete the whole story and topic you are willing to s pread online. This will make happy to your blog readers because they gets complete information and answer for which they have visited your site.

Note that you may not fix the length of any post which results quality contents for Google AdSense. However, I personally opines that an article written within 500-800 words is more than enough instead of writing too short post with just 100-150 words.

ii) Post Quantity: If you want to get one short approval for AdSense program then please make sure you post at least 3-5 posts on weekly basis unless and until your blog/site get approved by AdSense Team.

Google has not specified any magic number of posts to be required for AdSense approval. But, in my opinion if your blog have more than 25 good quality articles then your blog is ready for applying for AdSense.

It is the quality and not the quantity of your blog posts which AdSense team consider at the time of reviewing your blog/site for AdSense approval.

iii) Insufficient content: Your webpages should have sufficient text, I mean to say maximum text with complete sentences and paragraphs, not only headlines. This is because if your site contain mostly images and videos then your application will not be approved.

iii) Original Contents: Your site contents must be original and not a copy paste from other website/blog or anywhere else. Therefore, you should not use copyrighted material in any manner on your site. If you are using any copyrighted textual contents, images, videos etc. then it violate AdSense content policy. Some webmasters uses images for their posts either from Search Engine Result Pages (SERPS) or other sites without

iv) Regularly Updated Contents: Suppose someone has posted 50 posts in a single day or week to get approved for AdSense and thereafter not posted a single post within week or even a month.

Thus, please keep updating/posting on your blog on regular basis so that your approved AdSense Account will not disapprove or disable within a short span of time.

3) Website/Blog Age:

To ensure the quality contents and keeping in mind the interest of Google Advertisers, Google AdSense has specified that the Indian and Chinese AdSense Publishers required to have owned their sites for at least 6 months. Accordingly, except India and China, there is no any minimum age obligation for either blogger blog or website to participate in Google AdSense Program.

However, you have to ensure that your website is live and not in a beta mode or  under construction phase before you apply for AdSense Program. Thus, placing ad code on a website which is not fully launched or only consist a website template will not get final approval.

4) Website/Blog Language:

You may write your site or BlogSpot.com blog in so many languages. However, AdSense Program is not available for all languages including HINDI (supports w.e.f. Dec 2014), Bengali, Gujarati, Panjabi, Telugu, Afrikaans, Irish, Latin etc. and therefore the primary language of your site must be in the AdSense supported languages.

5) Traffic sources:

Your blog/site traffics must come from the genuine sources. In other words, if you got the visitors through Search Engines, Social media and feed subscribers then it is good for the AdSense approval.

But, if you send bulk SMS, Email with your site links or asked your friends/relatives/students at large to daily visit your blog without any interest then it will impact badly on your site. Further, if your blog is not receiving at least 25-30 unique visitors per day then please wait for some time to get more organic traffics on your site and then apply.

I strongly recommend you to sign in to Google Analytics and Webmaster tools which help you to understand your blog/site contents, live visitors, unique page views, and traffic sources in dynamic ways.

D) Non-Google Ads:

You are free to use any third party advertisements on the same blog or webpage for which you are going to apply AdSense Program. In other words, there is no restriction to display Google Ads on your blog having Ads from Infolinks, BuySellAds, Clicksor, Chitika, Amazon Associates, Media.net etc.

However, you should make sure that your site does not contain many third party advertisements. This is because your site will looks like advertisement based rather contents based and that type of website does not qualify for AdSense.

E) Apply for AdSense Program:

Now, you are ready to Sign up for AdSense Program. There are two-step application approval process under AdSense program.

1) Sign-up and Place ad units: Google has now made signing process more faster and easier with effect from Thursday, October 08, 2015. So, you may click here to sign up for your AdSense account and get instant access to your AdSense account.

After log in to your AdSense account, you should create and place your first AdSense Ad Units code on your blog/site. If you a blogger user you may use our encode decode tool to convert ad unit code before using on your blogger blog.

Note that this will not display any Ads on your live webpage rather it shows only blank ad units until your will get fully approved AdSense account. Earlier, you would have to wait for some days or weeks for the preliminary checks to verify the information provided at the time of submitting your AdSense application. And after verification of your information (Your Name, Address and Blog/site URL etc.) , you were able to create your first AdSense Ad Unit.

2) Final Approval: Now, you will get response within 24 hours from specialists of Google AdSense Team regarding the final status of your application after you add the code to your site.

However, this process may takes 1-2 days. Did you know? Previously, the same process was completed after  5-7 days. Finally, you will receive an email letting you know that your AdSense account has been approved. Otherwise, you’ll receive an email on your registered Email ID explaining the disapproval reason and the possible next steps that you can take to get approved account.

Once you got fully activated AdSense account, the Google Ads will appears on your approved website/blog and the red bar across the top of AdSense Account will disappear.

Recommended Read:

a) Countries where the new AdSense application process is available.

b) Why Use Google AdSense to Monetise Your Online Contents?

c) Keep your AdSense Account safe by adhering Program Policies.

Please feel free to ask any questions regarding Google AdSense Program through comments or you may directly Contact Sales of Google AdSense support team. Enjoy!

Read More