Search squid archive

Host Header Forgery issue even after applying patch

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi There 

I have installed Squid 3.5-20 in transparent mode (using WCCP ) and facing
lots of false 

positive for SSL sites (Host header forgery detected ), we are using just
Peak and slice and 

not actually bump-ing the traffic . 

2019/05/08 23:51:05 kid1| SECURITY ALERT: on URL: outlook.office365.com:443
2019/05/08 23:51:05 kid1| SECURITY ALERT: Host header forgery detected on
local=40.100.2.98:443 

remote=10.1.1.3:58714 FD 36 flags=33 (local IP does not match any domain IP)

2019/05/08 23:51:05 kid1| SECURITY ALERT: on URL: outlook.office365.com:443
2019/05/08 23:51:16 kid1| SECURITY ALERT: Host header forgery detected on
local=52.98.77.98:443 

remote=10.1.1.3:58717 FD 60 flags=33 (local IP does not match any domain IP)


I did apply the patch (
https://github.com/NethServer/squid/blob/c7/SOURCES/squid-3.5.20-ssl-

forgery.patch) while compile the squid but still getting  same error . is
there anyway to 

verify that "HostHeaderForgery" is disabled and patch is applied correctly ? 

Or is there any other alternative to resolve this issue (not with explicit
proxy). I have verified client and squid have same DNS . 

Regards
Gjoshi



--
Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users




[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux