diff --git a/e2e/tests/visual.spec.ts b/e2e/tests/visual.spec.ts
index edbba17..e455046 100644
--- a/e2e/tests/visual.spec.ts
+++ b/e2e/tests/visual.spec.ts
@@ -180,7 +180,7 @@ const playwright = require('playwright');
 })();`)
     })
     await Promise.all([
-      page.getByText("Status: 500").waitFor(),
+      page.getByText("Status: 403").waitFor(),
       page.getByRole('button', { name: 'Run'}).click(),
     ])
   })
diff --git a/squid/Dockerfile b/squid/Dockerfile
index cd543bf..5c61a54 100644
--- a/squid/Dockerfile
+++ b/squid/Dockerfile
@@ -1,9 +1,9 @@
-FROM alpine:3.16
+FROM alpine:3.23
 
 EXPOSE 3128
 
-ADD ./squid/squid.conf /etc/squid/squid.con
+ADD ./squid/squid.conf /etc/squid/squid.conf
 
-RUN apk add squid=5.5-r1
+RUN apk add squid=7.3-r0
 
 ENTRYPOINT ["squid", "-f", "/etc/squid/squid.conf", "-NYCd", "1"]
diff --git a/squid/squid.conf b/squid/squid.conf
index 3cbbe10..395991f 100644
--- a/squid/squid.conf
+++ b/squid/squid.conf
@@ -29,6 +29,12 @@ http_access deny to_localhost
 # INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
 #
 
+# Example rule allowing access from your local networks.
+# Adapt localnet in the ACL section to list your (internal) IP networks
+# from where browsing should be allowed
+http_access allow localnet
+http_access allow localhost
+
 # And finally deny all other access to this proxy
 http_access deny all