Download the squidguardmgr-1.4.tar.gz file from http://sourceforge.net/projects/squidguardmgr/
Make sure that the “squidguard” files are owned by the user that runs squid.
chmod -R squid:squid /usr/local/squidGuard
or
chmod -R squid:squid /etc/squidguard.conf /var/lib/squidguard
You will need to get httpd (apache) to run as the squid user in order for squidguard GUI frontend to interact with the squidguard files you need to get “httpd” (apache) to run as the squid user. You can change who runs httpd by editing the /etc/httpd/conf/httpd.conf file and change the default user to the squid user.
#User apache
#Group apache
User squid
Group squid
Untar the squidguardmgr-1.4.tar.gz – browse to the directory and run the following:
perl Makefile.PLmake && make install
If, for some reason the installation doesn't work – do the following manually:
Copy all files from the “untared directory's” cgi-bin repository into the CGI script directory of your choice – maybe create your own directory, for example “/var/www/squidcgi-bin”, that way you won't mess with the default “cgi-bin” directory. Check that squidguardmgr.cgi can be executable by your Apache server and chown the entire directory to the user and group running httpd.
Copy all files from the htdocs repository into your DocumentRoot directory or any other subdirectory and check that they can be read by your httpd server. For example, create a folder called /var/www/html/squidguardmgr
Edit the squidguardmgr.conf file into you cgi directory and check that all path are conform to your installation.
The above requires you make some adjustments to your /etc/httpd/conf/httpd.conf file.
First – ensure that scripts can run from your new /var/www/squidcgi-bin directory. To do this enter the following in the /etc/httpd/conf/httpd.conf file.
ScriptAlias /squidguardmanager/ "/var/www/squidcgi-bin/"
<Directory /var/www/squidcgi-bin>
Options +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex squidguardmgr.cgi
AllowOverride none
Order allow,deny
Allow from all
</Directory>
You might will probably need to set a password on both the /var/www/html/squidguardmgr directory and the /var/www/squidcgi-bin/, otherwise users will be able to edit the squidguard files from the web interface.
Restricting access to your "squidguard manager GUI"
Edit your etc/httpd/conf/httpd.conf file and add the following line
AccessFileName .htaccess
Create the file in the folder you want to block access to and add the following content
AuthName "Put a message in here"
AuthType Basic
AuthUserFile /var/www/passwords/.htpasswd
AuthGroupFile /dev/null
require user admin
Create a file called “/var/www/passwords/.htpasswd” as per the above file. This is where the user name and password for the “admin” user mentioned above will be stored.
Create a new user called “admin” with the following command:
htpasswd -c /var/www/passwords/.htpasswd admin
Now you need to edit the /etc/httpd/conf/httpd.conf file and tell apache to require a password for the “squidguardmgr” folder as follows:
AllowOverride ALL
The above changes the default “AllowOverride none” to ALL. You can copy the htaccess file into whatever folder you want to block access to
You will need to do the same for the "squidcgi-bin" folder too as follows:
Options +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex squidguardmgr.cgi
AllowOverride ALL
Order allow,deny
Allow from all
The .htaccess file in the “squidcgi-bin” folder and the “squidguardmgr” folder needs to be exactly the same so you won't get asked for the password twice.
