fre 2007-06-08 klockan 16:41 +0500 skrev Suhaib Ahmad: > Hi Henrik, > > Just need a nod from you :). I've this setup for website accel.. Can > you confirm that it would hold on and that no security lapse in it? > > my apache-webserver is running on 192.168.7.1 port 80. I have squid running on > 192.168.7.3 port 80. All the image urls are pointing to 7.3. > > ------ squid.conf -------- > http_port 80 accel defaultsite=192.168.7.1 > cache_peer 192.168.7.1 parent 80 0 no-query originserver weight=1 > http_access allow all > acl all src 0.0.0.0/0.0.0.0 > icp_access allow all defaultsite should be the site name the users should put in their browsers, not the origin server name/address. The origin server is specified in cache_peer. Not strictly needed unless you have other http_port lines, but for improved security I would recommend an acl limiting which sites may be requested instead of the "allow all". acl mysites dstdomain list.of.accelerated.sites http_access allow mysites http_access deny all If you just have a single site then the list consists of just that single site name, same as you have in defaultsite. REgards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
