I see quite a few messages like this one in my logs: squid[1327]: SECURITY ALERT: on URL: sa.scorecardresearch.com:443 Running squid 3.5.19-20160524-r14057, https-intercept just for logging, so no bump. It is understood, that most likely this is because of squids DNS and browsers DNS not to be in sync. Besides some "big well known sites" especially ad servers are the problem. Having synced all my own DNS-caches, used by squid or the browsers, finally I could get rid of most "SECURITY ALARMS" by disabling browsers internal DNS cache, and pre-fetching DNS, both for firefox and chrome. Which makes some sense to me, as special DNS-caching policy (60s., fixed, for firefox) violates TTL, and DNS-prefetch (both firefox and chrome) _might_ elevate the porpability of using a stale IP, in case of fast rotation of the IP. Special settings for the browsers are a bit cumbersome, so the question: Is it possible to create a new option for squid, to ignore this type of error ? If not: Where is the right source file to start some own hacking ? -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/SECURITY-ALARM-once-more-tp4678071.html Sent from the Squid - Users mailing list archive at Nabble.com. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
