[squid-users] host header forgery check in docker environment
squid3 at treenet.co.nz
Mon Jun 18 04:13:56 UTC 2018
On 18/06/18 02:08, Kedar K wrote:
> I am hitting this issue when running squid in a docker with ssl parent
Can you describe that a bit clearer please? An end-client, two proxies
and origin server makes four HTTP agents involved with this traffic.
Which of those proxies (and/or server) is inside the container?
And how are you getting the traffic from the client to the first proxy?
> Host header forgery detected on local=11 126.96.36.199:443
> FD 15 flags=33 (local IP does not match any domain IP)
> The host ip of the docker would not resolve to a domain. How to
> work-around this problem?
The agent being client for the proxy reporting this message apparently
thinks there is a origin server running at "188.8.131.52:443" hosting some
domain name. They are trying to contact that origin server.
More information about the squid-users