Le 10/09/2010 15:41, Amos Jeffries a écrit :
On 11/09/10 00:16, DjinnS wrote:
Le 10/09/2010 12:58, Amos Jeffries a écrit :
The recent data attached hints that IMS requests are likely to return
a completely new object when a refresh check is performed. This may
wipe out any stored record of age on every request.
Here the rest of the config file:
### ACLs
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
acl xXxXxXx src xXxXxXx
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 81 # http bis
acl Safe_ports port 82 # http bis
acl CONNECT method CONNECT
acl xXxXxXx dstdomain xXxXxXx
acl xXxXxXx dstdomain xXxXxXx
acl xXxXxXx dstdomain xXxXxXx
acl xXxXxXx dstdomain xXxXxXx
acl xXxXxXx dstdomain xXxXxXx
acl xXxXxXx dstdomain xXxXxXx
acl xXxXxXx dstdomain xXxXxXx
acl xXxXxXx dstdomain xXxXxXx
# exclude from cache
acl excludeURL url_regex \/imgs\/newsletter\/
acl excludeURL url_regex \/sitemap_news\.xml$
acl excludeURL url_regex \/membre\/
# - PURGE
acl PURGE method PURGE
http_access allow PURGE localhost
http_access deny PURGE
http_access allow manager xXxXxXx
http_access allow manager localhost
http_access deny manager
http_access deny SSL_ports
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow all
icp_access deny all
htcp_access deny all
### MODE
http_port 80 accel vhost
Ah, all your strange http_access rules start to make some sense.
Running an accelerator you can dump most of the default http_access.
They are designed for forward proxies. CONNECT is not valid and
rejected on arrival. SSL_Ports and Safe_Ports should be irrelevant
since clients are connection to your 80 as the destination.
A normal accel config is much simpler with just a list the domains
being served through the proxy and permitting access to only them:
acl localDomains dstdomain .example.com
http_access allow localDomains
http_access deny all
Any other access config blocking public access to site areas is sugar
on the top.
<snip>
no_cache deny excludeURL
If the excludeURL test matches this files URL it will not be stored.
The "no_" bit there has been an obsolete name for this option for many
versions.
<snip>
### DIVERS
hierarchy_stoplist cgi-bin ?
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern (cgi-bin|\?) 0 0% 0
These three above should be last, right before the "." pattern. It may
be that the \? pattern matches your json file URL (and others from the
below list) and reduces the storage calculation to discard after 0
seconds.
Also, we have revised the pattern a bit these days:
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
# oxalide - cache static
refresh_pattern -i \.gif$ 240 20% 240
refresh_pattern -i \.png$ 240 20% 240
refresh_pattern -i \.jpg$ 240 20% 240
refresh_pattern -i \.jpeg$ 240 20% 240
refresh_pattern -i \.ico$ 240 20% 240
refresh_pattern -i \.js$ 240 20% 240
refresh_pattern -i \.swf$ 240 20% 240
refresh_pattern -i \.xml$ 240 20% 240
refresh_pattern -i \.css$ 240 20% 240
refresh_pattern . 0 20% 4320
<snip>
Amos
Amos,
Thank your for your feedback.
Actually, there is an issue with the clock on the server. With small
max_age values, the content was always stale.
After fixing the clock, caching is now working fine.
Thank you for your help.
--
DjinnS
