On Mon, Aug 11, 2014 at 7:59 PM, Sarah Baker <sbaker@xxxxxxxxxxxxxx> wrote: > Background: > Squid: squid-3.1.23-2.el6.x86_64 > OS: CentOS 6.5 - Linux 2.6.32-431.23.3.el6.x86_64 #1 SMP Thu Jul 31 17:20:5= > 1 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux > > Issue: > I have two boxes, same OS, same squid binary, same config file, same squid-= passwd file. > Configuration is setup for ncsa_auth. Squid runs as user squid. > > Both systems return OK to use of command line of ncsa_auth as squid user to= the login and password in the squid-passwd file. > > Using squid however via a curl thru one of the proxy ips/port of the system= > : one system gives 403 forbidden, the other works just fine. > Tried removing authentication entirely, a fully open squid. It fails - same message. 403 forbidden means that the authenticator doesn't even get to kick in; it's a final deny. Are you really sure that the 403 is generated by Squid, and not by the origin server? you can tell by looking at the error page. > Also looked at thusfar: > rpm -q query_options --requires squid-3.1.23-2.el6.x86_64 > the same on both boxes. > Ran yum update on both to insure everything was up to latest - no change. The issue is either not in squid or it's related to the http_access configuration. Would you mind sharing an excerpt of your squid.conf with including that part? > Any ideas what I should look far? -- Francesco