On 11/08/18 09:43, Antony Stone wrote: > On Friday 10 August 2018 at 20:13:06, erdosain9 wrote: > >> Thanks to all!! >> Now is working fine. >> >> Just, one question to know... i make this accessible from the internet... >> so, i create some acl 0.0.0.0/0 and it's working. That is almost but deceptively not quite the same as "allow all". >> But.. this is a security issue??? or it's ok declare that ACL. > > If you want everyone / anyone on the Intenet to be able to get to your > servers, that is the obvious (and correct) ACL to use. No, sorry. It is not. The correct config is to use: http_access allow foo Where "foo" is the same ACLs you use on cache_peer_access to determine which traffic goes to the peers. That way Squid is able to block random other domains that virus scans etc try to use to detect open proxies. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
