Configuring Squid to block ad sites

Introduction

Basic network is operational now, with a gateway and cache/proxy, and it is configured transparently with WCCP. Now, blocking some sites (mainly ads) is the next step.

Configuring Squid

First, beginning with an ACL that contains URLs/domains to be blocked, edit /etc/squid/squid.conf to add the following at the right place:

acl blocked_domains dstdomain .clicksor.com
acl blocked_domains dstdomain .paypopup.com
acl blocked_domains dstdomain .bidvertiser.com
acl blocked_domains dstdomain .zedo.com
acl blocked_domains dstdomain .quantserve.com
acl blocked_domains dstdomain .quantcast.com
acl blocked_domains dstdomain .dmoglobal.net
acl blocked_domains dstdomain ads.mininova.org
acl blocked_domains dstdomain .yieldmanager.com
acl blocked_domains dstdomain .bluelithium.com
acl blocked_domains dstdomain .pubmatic.com
acl blocked_domains dstdomain .adbrite.com
acl blocked_domains dstdomain .advertising.com
acl blocked_domains dstdomain .imvu.com
acl blocked_domains dstdomain .games888.com
acl blocked_domains dstdomain .firstperson.nl
acl blocked_domains dstdomain .mario-sonic.com
acl blocked_domains dstdomain .yahwroom.org
acl blocked_domains dstdomain .yieldmanager.edgesuite.net
acl blocked_domains dstdomain .z5x.net

Where blocked_domains is the ACL name, .domain.com (notice the dot in the beginning) is the domain (and all sub-domains) contained within.
Next is to tell Squid what to do with the ACL created, the following line has to be at the right place:

http_access deny blocked_domains

Here, Squid engine is told to deny access to any domain contained within the ACL blocked_domains.
With these steps indicated above, any domain can be denied access.Finally, the next command has to be issued every time after finishing:

#/etc/init.d/squid reload

Where Squid is instructed to reload its config file without restarting the full service.