FYI; if this file is only accessed by the Squid auth helper (usually the case) it should be in /etc/squid or a sub-dir under there and have the proxy group read access (no write). Ownership should be root or an admin account with permission to add/remove entries, Squid does not need those permissions. If it is shared with other systems, then there should be an appropriate group that Squid can be added to gain read-only access for validating the credentials in it. Amos On 17/09/20 11:34 pm, Wind Lee wrote: > Thanks Amos, problems has been fixed, it's because of my passwd file > couldn't be read by user squid, I wrongly placed it at root user's home > directory and forgot to change its owner attributes. > > On 2020/9/17 6:34 PM, Amos Jeffries wrote: >> I see Squid being told to accept valid credentials. What about missing >> ones? invalid ones? garbage credentials? >> >> Best practice for auth is to deny all non-valid credentials before >> accepting. >> >> http_access deny !auth >> http_access allow localnet >> >> >> Amos >> _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
