Re: cachemgr.cgi usage with acl.proxy_auth patch

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 06 Jan 1998 01:10:44 +0100

Jussi Torhonen wrote:

> So, ACL named 'manager' denied for all except localhost. proxy_auth
> is not used here. Why Squid anyway requires proxy_auth
> for cacgemgr.cgi ?

You need to accept it somewhere.. You probably only have one line where
it is accepted, and that requires passwords.

The ACL lists is searched until the request is either denied or
accepted. A deny rule only denies access, it does not allow access to
the ones it doesn't deny.

You should add
http_access allow manager localhost
before
http_access deny manager !localhost
to allow localhost to use the manager interface without passwords, and
then deny all else access to it. The last http_access line can be
changed to "http_access deny manager" to make it clearer on how and when
it is accepted.

---
Henrik Nordström
Sparetime Squid Hacker
Received on Mon Jan 05 1998 - 17:09:09 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:38:18 MST