[squid-users] allow certian user ips to access only 2 domains and disallow everything

Eliezer Croitor ngtech1ltd at gmail.com
Wed Nov 4 13:08:02 UTC 2020

Hey Simon,


I have seen these websites and it seems that some content which is used in them is from CDNs or other domains.

It’s very important to include specific domains like in the url:



For these sites to work properly.


You can try to run a more complex config which can or might take into account the Referrer header in the Request

It will probably only work if SSL bump is configured in your setup and it’s not the most secure way to allow sites.

I am only offering this as a it can be limited to specific domains such as cdns or specific hosted services.


All The Bests,



Eliezer Croitoru

Tech Support

Mobile: +972-5-28704261

Email:  <mailto:ngtech1ltd at gmail.com> ngtech1ltd at gmail.com


From: squid-users <squid-users-bounces at lists.squid-cache.org> On Behalf Of simon ben
Sent: Friday, October 16, 2020 12:21 PM
To: squid-users at lists.squid-cache.org
Subject: [squid-users] allow certian user ips to access only 2 domains and disallow everything


I have squid running perfectly fine on centos 7 64 bit with no issues

I want to allow certain user ips to access a few sites and block everything else so below is the config

the sites are 

1) paloaltonetworks.com

2) redcloak.secureworks.com


in squid.conf


acl userlist src "/etc/squid/userlist"

acl sitelist dstdomain "/etc/squid/sitelist"

http_access allow userlist sitelist




user list file has the ips




site list file has the sites









www.paloaltonetworks.com <http://www.paloaltonetworks.com> 





I see that the first page and some links are working but some do not . also there is a huge deny logs in squid access logs

appreciate if you can advise me on how i can have the above access list so as to have minimum denies when being accessed from the above ips



Thanks and Regards







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20201104/a2fdf620/attachment.htm>

More information about the squid-users mailing list