You can configure Squid to prompt users for a username and password. Squid comes with a program called ncsa_auth that reads any NCSA-compliant encrypted password file. You can use the htpasswd program that comes installed with Apache to create your passwords.
Create the password file. The name of the password file should be /etc/squid/squid_passwd, and you need to make sure that it’s universally readable
touch /etc/squid3/squid_passwd chmod o+r /etc/squid3/squid_passwd
Use the htpasswd program to add users to the password file. You can add users at anytime without having to restart Squid. In this case, you add a username called admin
htpasswd /etc/squid3/squid_passwd admin New password: Re-type new password: Adding password for user admin
Find your ncsa_auth file using the locate command.
locate ncsa_auth /usr/lib/squid3/ncsa_auth
Edit squid.conf…..specifically, you need to define the authentication program in squid.conf, which is in this case ncsa_auth. Next, create an ACL named ncsa_users with the REQUIRED keyword that forces Squid to use the NCSA auth_param method you defined previously. Finally, create an http_access entry that allows traffic that matches the ncsa_users ACL entry
# # Add this to the auth_param section of squid.conf # auth_param basic program /usr/lib/squid3/ncsa_auth /etc/squid3/squid_passwd # # Add this to the bottom of the ACL section of squid.conf # acl ncsa_users proxy_auth REQUIRED # # Add this at the top of the http_access section of squid.conf # http_access allow ncsa_users
May be a modified my acl & http_access will be like this
acl my_network src 192.168.1.0/24 acl ncsa_users proxy_auth REQUIRED acl work_hours time SMTWHFA 07:00-21:00 http_access allow my_network ncsa_users work_hours
Restart squid 🙂
If denied…..