On Fri, 18 Feb 2005, Gilles Hamel wrote:
www.shopathomeselect.com, www.agoraplus.com ...) , clients browser do HEAD requests but don't send their authentication tokens :
1108489166.618 8 10.2.10.27 TCP_DENIED/407 425 HEAD http://www.shopathomeselect.com/GR_check_site.html? - NONE/- text/html
1108489166.720 7 10.2.10.27 TCP_DENIED/407 424 HEAD http://www.shopathomeselect.com/GR_check_site.html? - NONE/- text/html
1108489166.757 10 10.2.10.27 TCP_DENIED/407 424 HEAD http://www.shopathomeselect.com/GR_check_site.html? - NONE/- text/html
This is most likely some other software running on the client computers, not using the web browser..
Generally adding access controls allowing unauthenticated access for these clients to the sites is the best way to go, unless you have a close cooperation with the provider of the software and manage to convince them to make their software work proper with proxies requiring authentication.
acl special_sites dstdomain www.shopathomeselect.com ....
http_access allow my_clients special_sites
Regards Henrik