[squid-users] linuxize.com and other sites captcha
Alex Rousskov
rousskov at measurement-factory.com
Wed May 18 19:55:42 UTC 2022
On 5/18/22 15:35, Eliezer Croitoru wrote:
> I have seen that many sites are against MITM since they want to be able
> to reach the client directly and without any ICAP proxy in the middle.
>
> There are services that gives captcha pages when these pages are being
> MITM by squid, for example: https://linuxize.com
>
> @Alex, can we please try to define what cause this and if it is at all
> possible to avoid this? (eventually…)
There are many known ways to fingerprint a proxy, and Squid is not
even trying to hide its presence beyond a couple of basic directives
like "via off". It is possible to make Squid "more stealthy", of course.
Since needless traffic modification sometimes causes compatibility
problems, the Squid Project ought to accept quality improvements in this
area IMO. However, I am not aware of any active efforts in this direction.
Whether a particular Squid change (to remove proxied traffic
modification) can defeat a particular proxy detection mechanism depends
on whether that mechanism relies on that traffic modification
(exclusively), of course. I do not know what linuxize.com is using right
now. Needless to say, they can change or improve their detection methods
just like others can change or improve Squid.
Alex.
More information about the squid-users
mailing list