On 23/01/19 9:22 pm, reinerotto wrote: > Running squid 4.4 on very limited device, unfortunately quite a lot of > messages: "... SECURITY ALERT: Host header forgery detected ... " show up. > Unable to eliminate real cause of this issue (even using iptables to redir > all DNS requests to one dnsmasq does not help), these annoying messages tend > to fill up cache.log, which is kept in precious RAM. > Is there an "official" method to suppress these messages ? > Or can you please give a hint, where to apply a (hopefully) simple patch ? > See <https://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery> FYI: There is still active malware out there searching for proxies that are vulnerable and utilizing them for nefarious uses. The last person to ask this questio turned out to have a network infected with that malware. I thought last year that a decade of fixed Squid being used was long enough for things to die down and let us loosen up a bit. Then was informed about yet another ISP being attacked through those methods. So no, an official patch removing them is not on the book yet. Almost all the ways we are able to reduce the side effects have been done and are included in that Squid-4.4 Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users