Yes that should do it. But to let Squid do its job against DoS and such security attacks ... On 14/04/18 17:36, xpro6000 wrote: > This should do it > Move all these custom rules between here ... > acl Allowed_IPs src "/etc/squid/Allowed_IPs.txt" > http_access allow Allowed_IPs > > auth_param basic program /usr/lib/squid3/basic_ncsa_auth /etc/squid/passwd > auth_param basic children 5 > auth_param basic realm Squid proxy-caching web server > auth_param basic credentialsttl 2 hours > auth_param basic casesensitive off > > acl ncsa_users proxy_auth REQUIRED > http_access allow ncsa_users > ... and here. > acl SSL_ports port 443 > acl Safe_ports port 80 > acl Safe_ports port 21 > acl Safe_ports port 443 > acl Safe_ports port 70 > acl Safe_ports port 210 > acl Safe_ports port 1025-65535 > acl Safe_ports port 280 > acl Safe_ports port 488 > acl Safe_ports port 591 > acl Safe_ports port 777 > acl CONNECT method CONNECT > http_access deny !Safe_ports > http_access deny CONNECT !SSL_ports > http_access allow localhost manager > http_access deny manager ... Down to this position after the recommended aka Best Practice) security protections/rules. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
