> On Dec 19, 2016, at 1:31 PM, Antony Stone <Antony.Stone@xxxxxxxxxxxxxxxxxxxx> wrote: > > On Monday 19 December 2016 at 17:44:11, Sameh Onaissi wrote: > >> Hello, >> >> I was using squid client to get cache stats, however this morning it >> completely stopped working. > >> <center><img src="http://mydomainname.com/squid/access_denied.jpg"; >> alt="Acceso Denegado" style="width:704px;height:428px;"></center> > >> the html code is the code of my redirect page whenever a client tries to >> access a blacklisted website. > > How big is your blacklist? Could you show us what's in it? > > Have you added the proxy itself to the whitelist? The blacklist consistes of the ads, porn, socialnet and spyware lists of the BL list. I added both LAN and WAN IPs of the server to the whitelist but didn’t help. So, I changed my default acl setting in squid guard config file to pass all for now (I know it is not ideal), just to monitor the cache as I am trying to get the HIT ratio up. (currently only at 7.8%) squid guard config: pastebin.com/bbe8CWLE > >> squid.conf: http://pastebin.com/TQ8H6bRp > > Quote from your config: > > acl Safe_ports port 587 #SMTP > > Did you read Amos' reply "SMTP is the #1 worst protocol to let anywhere near > an HTTP proxy. Preventing what you have allowed to happen is one of the > primary reasons Safe_ports exists in the first place!” The reason I allow 587 is because the Squid Proxy lives on the same server as a mail server which needs this port, and several clients have their mail clientes (Outlook..etc) already configured to use this port. > > http://lists.squid-cache.org/pipermail/squid-users/2016-December/013776.html > > By the way, what did you have to fix to prevent those public IP addresses being > able to access your Squid proxy? I basically let them get blocked by squid for a day or two and they stopped. I just allowed LAN source IPs. > > http://lists.squid-cache.org/pipermail/squid-users/2016-December/013764.html > > > Antony. > > -- > Pavlov is in the pub enjoying a pint. > The barman rings for last orders, and Pavlov jumps up exclaiming "Damn! I > forgot to feed the dog!" > > Please reply to the list; > please *don't* CC me. > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
![http://mydomainname.com/squid/access_denied.jpg"](http://mydomainname.com/squid/access_denied.jpg"){kind=link}
