[squid-users] https requests the squid rejects the connection
squid3 at treenet.co.nz
Mon Aug 20 20:02:44 UTC 2018
On 21/08/18 6:45 AM, Marcelo J. Martinez wrote:
> sorry, it's a mistake to copy and paste.
> the configuration is:
> # Only allow cachemgr access from localhost
> http_access allow manager localhost
> http_access deny manager
> # Deny requests to unknown ports
> http_access deny !Safe_ports
> # Deny CONNECT to other than SSL ports
> http_access deny CONNECT !SSL_ports
FYI: current recommended config has the manager lines after the CONNECT
line, that makes Squid a tiny bit faster and safer against CONNECT to
the manager URLs.
That will not solve your current issue though. As Matus said the log
entry (access.log) for the transaction is needed for more info about
what is going on - in particular the URL which is being denied.
I suspect it is simply a normal HTTP request to a port you were not
expecting. You did reduce the Safe_Ports ACL definition significantly.
More information about the squid-users