[squid-users] Configuring squid reverse proxy

Antony Stone Antony.Stone at squid.open.source.it
Wed Aug 12 12:52:36 UTC 2015

On Wednesday 12 August 2015 at 14:38:55, joseph jose wrote:

> Hi,
> I have set up squid in reverse proxy mode to cache an apache webserver
> hosted in linux vm.
> IP of my squid reverse proxy is and is the ip of
> webserver which is also a linux vm

Your squid server has only one interface and IP address?

> my config is as follows
> #acl squidallow dstdomain testsquid.com
> #
> #
> #http_port accel defaultsite=testsquid.com
> #
> #
> #cache_peer parent 80 0 no-query originserver name=squidtest
> #cache_peer_access squidtest allow allowsquid

I sincerely hope you don't mean that these directives are all commented out, 
thus not having any effect?

Even if they're not commented out, do you see the discrepancy between 
"squidallow" in the first line and "allowsquid" in the last?

> In the squid proxy machine i have edited the host file and set
> testsquid.com (which is the ip of proxy machine itself), as proxy
> is configured in reverse mode, it is supposed to serve the static page
> from webserver (

What's more important than /etc/hosts on the squid server is what machine you 
are running the browser on, and what does *that* machine resolve testsquid.com 

> But when i open browser and search for testsquid.com, squid is logging
> request but returning a TCP_DENIED/403 status.

Sounds like the browser is successfully seeing testsquid.com as, 
then, however you should be careful about trying to run tests like this on too 
few machines - you should have the browser on one machine, squid on a second, 
and the web server on a third (no matter whether any of these are real 
machines or VMs).



Users don't know what they want until they see what they get.

                                                   Please reply to the list;
                                                         please *don't* CC me.

More information about the squid-users mailing list