[squid-users] Host header forgery detected after upgrade from 3.5.8 to 3.5.9

Dan Charlesworth dan at getbusi.com
Wed Oct 21 03:53:16 UTC 2015


I’m getting these very frequently for api.github.com and github.com

I’m using the same DNS servers as my intercepting squid 3.5.10 proxy and they only return the one IP when I do an nslookup as well …

Any updates from your end, Roel?

> On 8 Oct 2015, at 8:29 PM, Eliezer Croitoru <eliezer at ngtech.co.il> wrote:
> 
> Since they are using the same dns server there is no need to run some trials.
> The only test you should in any case test is to see how long is the IP list from the DNS request for the domain name.
> 
> Eliezer
> 
> On 08/10/2015 12:12, Roel van Meer wrote:
>> Eliezer Croitoru writes:
>> 
>>> Are the users and proxy using different dns server?
>> 
>> No, they are using the same server.
>> 
>>> Can you run dig from the proxy on this domain and dump the content to
>>> verify that the ip is indeed there?
>> 
>> I'm currently running with 3.5.8 again, so I'll have to find a quiet
>> hour where I can upgrade and check this. I'll get back to you. Thanks!
>> 
>> Roel
> 
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users



More information about the squid-users mailing list