Setting up Tinyproxy

barbed-wire fence

I use tinyproxy for a number of reasons, probably chief among them to block my own thoughtless access to sites that are the biggest time-sinks for me. Blocking these sites has been effective in breaking the bad habit of dipping in and losing an hour or two with little to show for it. But you can do other things, too, like make some headway in protecting your privacy while browsing by blacklisting tracking and ad sites. Below is a quick run-down on how to get up and running.

Install Tinyproxy

Use a package manager to install tinyproxy. If you're using an apt-based distribution, do the following (with proper privileges):

apt-get install tinyproxy

Configure and Turn on Filtering

Edit the /etc/tinyproxy.conf file. Change ViaProxyName to something else, if you want. Turn on the Filter line and set its value to the path of your filter file, something like /etc/tinyproxy.filter. Turn on the FilterExtended option, which enables POSIX extended regexes for filter file entries.

Add Entries to Blacklist

Edit the filter file, e.g. /etc/tinyproxy.filter. Add one domain per line, like below:

twitter.com
www.twitter.com
facebook.com

These are explicit entries, but you can also do regexes, as mentioned above. For example, block facebook.com and all hosts at that domain with the following line:

(.*\.)?.facebook.com

If you have or can find a good Squid-formatted ACL, you can convert its entries, which look like this:

.facebook.com

...to tinyproxy filter regexes. I do this in vim by reading the Squid ACL into my filter file, highlighting the entries, then applying this regex:

'<,'>s/\v^\./(.*\\.)?/g

Reload the Tinyproxy Config (or Restart)

Reload the tinyproxy configuration and filter file. On Ubuntu and similar distributions, you can bump tinyproxy like this:

service tinyproxy reload

Try It

When you try to navigate in your browser to one of the blacklisted domains, you should see the following (unless it's HTTPS, which will just show an error):

screenshot of the 403 Filtered response from tinyproxy