Thank you for this INFO I use ufdbguard with the line url_rewrite_program /usr/sbin/sgwrapper_ufdb I had redirect-https "https://www.jug.... in the config file for ufdbguard Removing https:// from this definition removed the fake CONNECT https:443 entries Anton Kornexl -----Ursprüngliche Nachricht----- Von: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> Im Auftrag von Amos Jeffries Gesendet: Donnerstag, 16. Januar 2020 20:59 An: squid-users@xxxxxxxxxxxxxxxxxxxxx Betreff: Re: Squid access.log On 17/01/20 3:08 am, Alex Rousskov wrote: > On 1/16/20 3:06 AM, Kornexl, Anton wrote: >> I see many requests with CONNECT https:443 in my access.log > >> How are these entries triggered? > > These records are logged when your Squid is done with an HTTP CONNECT > tunnel or after Squid intercepts a TLS connection. In very broad terms, > they are a sign that your Squid participates in HTTPS transactions. > Normally, there should be more than "https:443" in those CONNECT records. > This particular "https:443" happens when people use SquidGuard or similarly broken redirector to tell Squid the *URI* (hostname:443) of a CONNECT tunnel is a *URL* (https://hostname:443[path]).. If this is your case, fix the redirector or use this: uri_rewrite_access deny CONNECT Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
