Installing TinyProxy as Squid Proxy Server Alternative

Tinyproxy is a light-weight HTTP proxy daemon for POSIX operating systems. It is distributed using the GNU GPL license version 2 or above, so we can download it and install it on our Linux server freely.

Tinyproxy is a light-weight alternative for the well known Squid proxy server. It’s really memory efficient so it will run perfectly fine in small VPS (Virtual Private Server) and being used for several users. Several features of Tinyproxy are:

  • Small footprint: Tinyproxy requires very little in the way of system resources. The memory footprint tends to be around 2 MB with glibc, and the CPU load increases linearly with the number of simultaneous connections (depending on the speed of the connection). Thus, Tinyproxy can be run on an older machine, or on a network appliance such as a Linux-based broadband router, without any noticeable impact on performance.
  • Minimal requirements: Tinyproxy doesn’t require anything more than a POSIX environment to build and operate. It can use additional libraries to add functionality though.
  • Easily modified: If you’re looking to build a custom web proxy, Tinyproxy is very easy to modify to your custom needs. The source is straightforward, adhering to the KISS principle. As such, it can be used as a foundation for anything you may need a web proxy to do.
  • Anonymous mode: Allows you to specify which HTTP headers should be allowed through, and which should be blocked. This allows you to restrict both what data comes to your web browser from the HTTP server (eg., cookies), and to restrict what data is allowed through from your web browser to the HTTP server (eg., version information).
  • Remote monitoring: Using the remote monitoring feature, you can access proxy statistics from afar, letting you know exactly how busy the proxy is.
  • Load average monitoring: Tinyproxy can be configured to watch the load average on most platforms, and start refusing requests when the load reaches a certain point. You may recognize this feature from Sendmail.
  • Access control: You can configure Tinyproxy to only allow requests from a certain subnet, or from a certain interface, thus allowing you to ensure that random, unauthorized people will not be using your proxy.
  • Secure: With a bit of configuration (specifically, making the log file owned by nobody and running it on a port > 1024), Tinyproxy can be made to run without any special privileges, thus minimizing the chance of system compromise. Furthermore, it was designed with an eye towards preventing buffer overflows. The simplicity of the code ensures it remains easy to spot such bugs.

In this tutorial, we’ll install Tinyproxy on Linux Centos 5.3 VPS, the first step is to add EPEL yum repository:

Then run a yum update and install Tinyproxy:

After installation finished now we need to modify its configuration file to match with our requirements.

Search  for:

and change the port number to 8080 (you can change to other port number) so it’ll look like:

Next step is to configure Tinyproxy to only accept connection from our IP address. Search for:

And add this text under it:

So it’ll look like:

To check what your IP address is, go to www.whatismyip.com

Now close and save the configuration file by pressing ctrl + x and then press enter

Start Tinyproxy by executing this command:

Next step is to configure your browser to use proxy server. Add your VPS’ IP address on the proxy server address on your browser and port 8080 as the port number. To check whether you are now connected through the proxy server or not, go to www.whatismyip.com and you’ll see “Possible Proxy Detected” under your IP address information.

4 thoughts on “Installing TinyProxy as Squid Proxy Server Alternative”

  1. FYI, to allow a connection from your IP address, you can also use a domain string instead of an IP address. For example, if you are connected to your ISP as something-adsl-sanfran-comcast.com, you could specify “Allow adsl-sanfran-comcast.com”, which would allow all Comcast ADSL users in San Francisco to connect.

    Obviously, you can further restrict it to tighten it down. The point is, you don’t have to use an IP address.

    1. this would allow anybody that use the same ISP to connect to your proxy server which can result bandwidth theft, slow down your connection, etc. i’m not suggesting it.

Leave a Reply

Your email address will not be published. Required fields are marked *