Hi, I've got a mysterious problem with Squid as reverse proxy and I would be grateful if someone could help me out. Basically, I use an external acl to validate the session id when someone accesses my site that is reverse proxied. ..snip.. external_acl_type ext_session_page ttl=180 negative_ttl=0 %SRC %>{Cookie:;MYSESSIONID} /usr/bin/php /path/to/myvalidator.php acl user_session external ext_session_page http_access deny !user_session deny_info https://logon.domain.com/logon.php?url=%u user_session ..snip.. My logon page logon.php creates a new session id and stores a cookie. When a user has successfully logged on, I redirect to his chosen site. Squid then validates the cookie using my external acl (OK or ERR). This works fine 99.5% of the time. But sometimes squid gets confused and sends the older session id (one before the current session id in deny_page) to my external acl which is really weird. As a result, the external acl keeps returning ERR. Then it sorts itself out. Or a restart squid sorts it out. What could be causing this? Is this a bug with squid? I've also noticed that it seems to happen at night around 9 PM ish. The logic is simple: 1. User visits the reverse proxied site (config not shown). 2. Squid checks the external acl to see if the cookie is valid. 3. If OK it lets it go to the site. 4. If ERR, logon.php is presented which creates a new session id and stores a cookie. 5. User logs on 6. If successful, logon.php redirects to the reverse proxied site. (At this point, external acl will be checked i.e. step 2. External acl will reply OK as the cookie is valid.) 7. If failed, logon.php does not redirect i.e. stays on deny_page. Thanks