Search squid archive

RE: Trailing Slash / Using Reverse Proxy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

>> Request for https://www.example.com/test will not work through Squid
but
>> IIS will add the trailing slash https://www.example.com/test/

>What happens here is that the web server says "Sorry, the URL you
>requested is not valid. You should go to http://my.server.name/test/
>instead.

>> Going through Squid the browser receives "The page cannot be
displayed"
>> with the address as http://10.10.1.108/test/ The IP address is the
>> internal IP address of the IIS web server and the request changed
from
>> https to http.

>Set up the reverse proxy not rewriting the Host name component and
>things will work much better. This way the web server knows it's
>external name and the URLs generated by the web server will be correct.

How would I setup the reverse proxy to not rewrite the host name
componet? Here is my config file:

http_port 80
https_port 443 cert=/etc/squid/example.com-11-07.pem
key=/etc/squid/example.com_key-11-07.pem options=NO_SSLv2
cipher=DEFAULT:!EXPORT:!LOW
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl JS url_regex .js$
no_cache deny JS
acl CSS url_regex .css$
no_cache deny CSS
auth_param basic children 5
auth_param basic realm Squid proxy-caching web server
auth_param basic credentialsttl 2 hours
#Suggested default:
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern .               0       20%     4320
refresh_pattern -i \.jpg$       0 100% 10080
refresh_pattern -i \.gif$       0 100% 10080
refresh_pattern -i \.png$       0 100% 10080
refresh_pattern -i \.bmp$       0 100% 10080
#Recommended minimum configuration:
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl CONNECT method CONNECT
acl port80 myport 80
acl port443 port 443
acl port563 port 563
acl TheOriginServer dst 10.10.1.100
#Recommended minimum configuration:
# Only allow cachemgr access from localhost
http_access allow manager localhost
http_access deny manager
http_access allow port563
http_access allow port443
http_access deny port80
http_access allow TheOriginServer
http_access deny all
http_reply_access allow all
icp_access allow all
httpd_accel_host 10.10.1.100
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_with_proxy off
deny_info https://www.example.com/ port80
coredump_dir /var/spool/squid
visible_hostname www.example.com
logfile_rotate 9
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux