[squid-users] Page not accessible when bumped (Cloudflare challenge?)
Beat Zahnd
beat.zahnd at gmail.com
Sat Jan 23 12:45:39 UTC 2021
Hi all,
I have Squid 5.0.4 (same behaviour on old 4.x) running a simple SSL-bump setup as described in https://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpExplicit.
http_port 3128 ssl-bump cert=/etc/squid/ssl_cert/myCA.pem generate-host-certificates=on dynamic_cert_mem_cache_size=4MB tls-dh=/etc/squid/ssl_cert/dhparam.pem
sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB
acl step1 at_step SslBump1
acl nobump ssl::server_name "/etc/squid/nobump"
ssl_bump peek step1
ssl_bump splice nobump
ssl_bump bump all
Recently some pages started to not work anymore when bumped one example is https://www.ricardo.ch/de/a/alinghi-reconditionnee-rarete-1155873766/
All browser seem to get stuck wich enormous memory consumption. Seems that some challenge-response is driving them crazy. Seems to be from cloudflare...
What is happening here? Any ideas to get such pages still bumped?
Cheers
More information about the squid-users
mailing list