On 10/04/19 1:40 am, leomessi983 wrote: > Hi > When i use curl -I http://foo.com squid will send his name and version > to clients that i don't want to!! > > > root@debian:~# curl -I http://youtube.com > HTTP/1.1 403 Forbidden > Server: squid/4.6 > Mime-Version: 1.0 > Date: Tue, 09 Apr 2019 13:34:36 GMT > Content-Type: text/html;charset=utf-8 > Content-Length: 404 > X-Squid-Error: ERR_ACCESS_DENIED 0 > Vary: Accept-Language > Content-Language: en > X-Cache: MISS from LINUX-SRV > Via: 1.1 LINUX-SRV (squid/4.6) > Connection: keep-alive > > > How can i config squid to doesn't show this information to clients?! > Why? Many of these details are needed to have good Internet communication between the proxy and other HTTP agents receiving this message. For example; The above response is a statement of security policy *by the proxy*. If the client is not made aware that it is a proxy response there can be unwanted side effects in the security handling of whatever domain the client was trying to fetch when the proxy created that response. eg CORS restrictions on other content of the site which the proxy would have allowed, failover to unexpected protocols, broken origin XSS protections, etc. You can configure <http://www.squid-cache.org/Doc/config/httpd_suppress_version_string/> if you want to hide the exact Squid version. Other headers can be manipulated with <http://www.squid-cache.org/Doc/config/reply_header_access/> and <http://www.squid-cache.org/Doc/config/reply_header_replace/>, or <http://www.squid-cache.org/Doc/config/reply_header_add/>. But please be very careful if you do that, as mentioned above there can be surprising side effects. PS. Do not be embarrassed to be using a proxy. Most traffic on the Internet these days goes through up to 6 proxies before it reaches the client. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
