
Re: I am seeing the following in my cache.log


 



On 25/03/2015 2:05 p.m., Monah Baki wrote:
> Thanks Amos,
> 
> My problem is I only have control over the squid server. I can only
> tell the ISP to take the client offline and run some AntiVirus or
> better reimage the device.

The security problem is that your proxy is receiving over port 80
(*unencrypted* origin server) a request the client apparently sent on
port 443 (encrypted origin server).

This may be caused by the client browser running a script which is
hijacking it. Or somebody between your proxy and the client MITM'ing the
connection and sending decrypted content out over the network in the
clear. Neither is a desirable situation.

> 
> Within 2 hours my cache.log grew to 50MB in size and it was repeating
> the error mentioned over and over again till my squid server started
> complaining about running out of file descriptors, and stopped
> working.

Your proxy is configured such that it adds the Via header properly for
loop detection.

However, if there is another proxy stripping away that header and a loop
happens it would directly lead to both the FD exhaustion and the
extremely large amount of log entries (once per loop).

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
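
The loop behaviour described in the reply above, as an added example that is not part of the original message and is not Squid's own code: a small model of Via-based loop detection and of what happens when a peer strips the header. The host names `proxy-a.example` and `peer.example`, the `fd_limit` parameter and the one-descriptor-per-pass accounting are assumptions made for illustration.

```python
"""Added illustration: Via-based forwarding-loop detection and what defeats it."""

def via_hosts(via_header):
    """Return the received-by names from a Via header value.

    Each entry is "<protocol> <received-by> [(comment)]", comma separated.
    Simplification: comments containing commas are not handled.
    """
    hosts = []
    for entry in via_header.split(","):
        parts = entry.split()
        if len(parts) >= 2:
            hosts.append(parts[1].lower())
    return hosts

def is_loop(headers, my_name):
    """True if this proxy's own name is already listed in the request's Via."""
    return my_name.lower() in via_hosts(headers.get("Via", ""))

def add_via(headers, my_name):
    """Return a copy of headers with this proxy appended to Via."""
    out = dict(headers)
    mine = "1.1 " + my_name
    out["Via"] = out["Via"] + ", " + mine if out.get("Via") else mine
    return out

def simulate(strip_via, fd_limit=1024):
    """Cycle one request proxy-a -> peer -> proxy-a and return (passes, outcome).

    Model assumption: every pass through proxy-a keeps one descriptor open
    (and writes one cache.log entry) until the chain unwinds, so an
    undetected loop ends only when fd_limit is reached.
    """
    headers, passes = {}, 0
    while passes < fd_limit:
        if is_loop(headers, "proxy-a.example"):
            return passes, "loop detected"
        passes += 1
        headers = add_via(headers, "proxy-a.example")
        if strip_via:
            headers.pop("Via", None)  # misbehaving peer removes the header
        else:
            headers = add_via(headers, "peer.example")
    return passes, "descriptors exhausted"

if __name__ == "__main__":
    print("Via preserved:", simulate(strip_via=False))
    print("Via stripped: ", simulate(strip_via=True))
```

With the header preserved the request is refused on its second arrival; with it stripped, nothing stops the cycle short of the descriptor limit.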




