On 1/10/2015 10:41 p.m., birbird wrote: > Hi All, > > > I have setup basic authentication for Squid, but I can not get passed from browser, just asked to inpu user/password time and time again. > > > I was stuck at, the command > /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd > dose not give any output. I think it means squid can not get the authentication info. But I have no idea what to do next. > > > I create my password by > htpasswd -d /etc/squid/squid_passwd dan Try using -m instead of -d. > > > My squid config is > auth_param basic program /usr/lib64/squid/ncsa_auth /etc/squid/squid_passwd > acl ncsa_users proxy_auth REQUIRED > > http_access allow ncsa_users > Is that the entire acces control configuration? If so, it is missing the basic security protections against tunnel abuse and protocol smuggling. aka; http_access deny !Safe_ports http_access deny CONNECT !SSL_Ports These should be above the auth checks to reduce DoS vulnerabilities. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
