Hi There I have installed Squid 3.5-20 in transparent mode (using WCCP ) and facing lots of false positive for SSL sites (Host header forgery detected ), we are using just Peak and slice and not actually bump-ing the traffic . 2019/05/08 23:51:05 kid1| SECURITY ALERT: on URL: outlook.office365.com:443 2019/05/08 23:51:05 kid1| SECURITY ALERT: Host header forgery detected on local=40.100.2.98:443 remote=10.1.1.3:58714 FD 36 flags=33 (local IP does not match any domain IP) 2019/05/08 23:51:05 kid1| SECURITY ALERT: on URL: outlook.office365.com:443 2019/05/08 23:51:16 kid1| SECURITY ALERT: Host header forgery detected on local=52.98.77.98:443 remote=10.1.1.3:58717 FD 60 flags=33 (local IP does not match any domain IP) I did apply the patch ( https://github.com/NethServer/squid/blob/c7/SOURCES/squid-3.5.20-ssl- forgery.patch) while compile the squid but still getting same error . is there anyway to verify that "HostHeaderForgery" is disabled and patch is applied correctly ? Or is there any other alternative to resolve this issue (not with explicit proxy). I have verified client and squid have same DNS . Regards Gjoshi -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
