Hello everyone,
I'm trying to install Squid on my server for my personal use, that
means, only I will use the proxy. After reading some tutorials I came
up with this configuration:
http_port *myip*:9876
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
authenticate_program /usr/lib/squid/ncsa_auth /etc/squid/passwd
acl users proxy_auth "/etc/squid/passwd"
acl password proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny users
http_access allow all
proxy_auth_realm Squid proxy-caching web server
Do you think that's enough and secure? I wish no-one can access it
except me, with my login and password.
Thank you very much.
Regards,
Francisco
Received on Tue Apr 06 2004 - 18:48:56 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:01 MDT