Hello, I'm placing a few details you may need to be aware of inline to reply to your latest post, followed by the help you asked for in your first post. > > What the heck kind of reply is this and why did you send it to my email > address and not post it in the forums! Sending replies like this are what > make people run back to Microsoft in frustration. Ahem, this got sent as reply to the users *mailing list*. There is no web 'forum'. You asked for a 'guru' to check your mail and thats what you got. Note that most gurus and experts speak natively in mystical terms commonly known as technical language and can be very confusing if they slip into it when you want 'Help for dummies' language. Please don't get angry about communications failures. On the Internet there is always a chance for another better answer. > >>Â Rather than craft a config file from what you have picked from the >> list, >>Â it's better for you to start with the default squid.conf that you get >> when >>Â you install squid and improve on the functions by reading about what >> you >>Â need from the FAQ and the Wiki. Only ask questions when you have read >> and >>Â failed to understand or gotten stuck. > > Are you kidding me with this reply? I AM STUCK! ... and the responder (whose name you cut so we can't see) gave you clear instructions on the best way not to get un-stuck and prevent yourself getting stuck again in future. They could perhapse have been a *little* bit clearer and pointed you at the reference material itself: http://wiki.squid-cache.org/SquidFaq http://wiki.squid-cache.org/ConfigExamples http://www.squid-cache.org/Doc/config/ NP: we see a LOT of people mailing here for help with the simplest things without reading those docs. For good security you need to know what each part of squid.conf is doing. So learning about any options you don't understand before cut-n-pasting is a Really Good Idea. The example you found seems to have a lot of crud and issues you don't want. Please cut your config back to the squid.conf.default settings for your version of squid and then on the clean copy follow the help I'm listing below... > > What makes you think I didn't read, and read and read and try until I > finally found someone's config which I could mod for my own start to get > going on this? I spent DAYS trying to get this thing to work, reading > hundreds of confused postings, not one ever working and certainly unable > to > quickly learn about this. I get the same impression as this other poster that you have not yet found the wiki, because you say you spent days searching 'forums' for a config already present with simple explanations and security controls in the official help wiki: http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator http://wiki.squid-cache.org/ConfigExamples/Reverse/VirtualHosting And now for your detailed help... Step 1) clearing your config back to squid.conf.default settings. Step 2) follow the http://wiki.squid-cache.org/ConfigExamples/Reverse/BasicAccelerator config. Making sure the options are added between the default 'acl' lines and the default 'http_access' lines. You should end up with something looking like this config layout (uses your apparent obfuscation for "my-main-domain"): .. <default squid environment configs> ... <default ACLs> http_port 80 accel defaultsite=my-main-domain cache_peer ip.of.webserver parent 80 0 no-query originserver name=myAccel acl our_sites dstdomain .my-main-domain http_access allow our_sites cache_peer_access myAccel allow our_sites cache_peer_access myAccel deny all http_access allow manager localhost http_access deny manager http_access allow purge localhost http_access deny purge http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all ... <default squid misc etc settings> For the logging section you only need: access_log /var/log/squid/access.log squid cache_log /var/log/squid/cache.log cache_store_log none Your earlier config also had: redirect_rewrites_host_header off buffered_logs on are you aware of what they do and do you actually need them? * I don't believe you need the redirect setting with no redirectors in use. * buffered_logs only you can really decide... http://squid-cache.org/Doc/config/buffered_logs/ Now you should have a simple, working and secure configuration. Any further questions please speak up again with details about them. When you are confidant about this going, we can move on to the HTTPS and failover questions. Amos
