[squid-users] cgi-bin
Amos Jeffries
squid3 at treenet.co.nz
Fri Jun 12 01:57:01 UTC 2015
On 11/06/2015 8:55 a.m., Marcel Fossua wrote:
> Hi Mate
> I have this set on my squid.conf
> but seems that this is obsolete so how can nicely convert that for that
> version is true that log suggest
> always_direct
>
> hierarchy_stoplist cgi-bin ? .js .jsp
> acl QUERY urlpath_regex cgi-bin \? .js .jsp
> no_cache deny QUERY
Youch.
>
> 2015/06/10 20:53:42| ERROR: Directive 'hierarchy_stoplist' is obsolete.
> 2015/06/10 20:53:42| hierarchy_stoplist : Remove this line. Use
> always_direct or cache_peer_access ACLs instead if you need to prevent
> cache_peer use.
>
> just to confirm this is the right way ??
> always_direct cgi-bin ? .js .jsp
> acl QUERY urlpath_regex cgi-bin \? .js .jsp
> no_cache deny QUERY
No. Those regex patterns are quite badly broken.
If I make a few assumtions about what those lines are supposed to means
I guess you are wanting this:
acl QUERY urlpath_regex /cgi-bin/ \? \.jsp?
cache deny QUERY
always_direct allow QUERY
Although. I question what you think it does, and why you think you need
it at all.
Modern Squid are perfectly capable of caching dynamic content. And there
does not seems to be any obvious reason for avoiding requesting it
through a trusted peer proxy if other traffic is fine going there.
In other words, unless you have good reason for keeping it, you can
erase all the above lines. Just make sure you have the refresh_pattern
rule for safe storage of cgi-bin responses just above the '.'
refresh_pattern:
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
Amos
More information about the squid-users
mailing list