[squid-users] Access based on auth and referer
Amos Jeffries
squid3 at treenet.co.nz
Mon Mar 6 06:34:57 UTC 2023
On 5/03/2023 10:44 pm, Dott. Matteo Savatteri wrote:
>
> Hello fellow Squid users,
>
> we use Squid 3.5 at my company and we want to give access to all sites
> to authenticated users. If a user is not authenticated we need to
> allow only HTTP/S requests that present a referer header matching a
> regex. Is this even possible?
>
> I have tried a combination of proxy_auth and referer_regex ACLs with
> no results. sslbump is working.
Try these rules:
# initial security protection
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
# forbid access to cache manager from non-localhost
http_access deny manager !localhost
# leave the below commented to require a login for cache manager access
# http_access allow manager
# forbid unauthenticated, except when providing the special Referer
header
http_access deny !myreferer !password
# users not denied are allowed
http_access allow all
Cheers
Amos
More information about the squid-users
mailing list