[squid-users] remove all squid pages & errors pages footprints
eliezer at ngtech.co.il
Mon Nov 21 17:52:34 UTC 2016
The first step would be to firewall your proxy and allow\use it only for
your real users.
Other IP’s should not have access to telnet\netcat or contact your service
Eliezer Croitoru <http://ngtech.co.il/lmgtfy/>
Linux System Administrator
Email: eliezer at ngtech.co.il
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On
Behalf Of --Ahmad--
Sent: Sunday, November 20, 2016 13:22
To: Amos Jeffries <squid3 at treenet.co.nz>
Cc: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] remove all squid pages & errors pages footprints
thanks for that info .
i already did as below :
1- i didn’t touch any squid files
and compiled with the option u told me and added the tcp reset acl.
that was fine when i open websites with error i was seeing” tcp reset “ and
thats fine .
but there is other stuff I’m worry about .
if someone do telnet to squid … he can still squid headers
check below :
Ahmads-MacBook-Pro:~ ahmad$ telnet x.x.237.187 4000
Connected to li666-177.members.linode.com
Escape character is '^]'.
get / HTTP /
HTTP/1.1 403 Forbidden
Date: Sun, 20 Nov 2016 11:18:21 GMT
X-Squid-Error: TCP_RESET 0
X-Cache: MISS from Googlechrome
X-Cache-Lookup: NONE from Googlechrome:4000
resetConnection closed by foreign host.
as you see there are squid footprints above …. how can i hide it ??
i want to remove ((Server: squid/3.5.22))
again i want to protect squid from being scanned and flagged as open proxy
On Nov 19, 2016, at 1:19 PM, Amos Jeffries <squid3 at treenet.co.nz
<mailto:squid3 at treenet.co.nz> > wrote:
On 19/11/2016 11:40 p.m., --Ahmad-- wrote:
hi squid users .
im willing to have squid errors or any foot prints to be removed .
as an example if was error access denied or dns name problem …. i don’t
want any squid footprints to be shown .
i would prefer to have blank page better
where should i look @ before compilation ?
1) *Replace* all the files in errors/templates with empty files of same
2) Build Squid with --disable-auto-locale.
3) add the following to squid.conf
acl errors http_status 400-599
deny_info TCP_RESET errors
http_reply_access deny errors
Good luck dealing with the results (you are going to need it).
squid-users mailing list
squid-users at lists.squid-cache.org
<mailto:squid-users at lists.squid-cache.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 67589 bytes
Desc: not available
More information about the squid-users