Hi Amos, > You are referring to the SSL_ports ACL ? Yes. Got your point. Thanks for the clarification Ronan On Wed, Oct 7, 2020 at 4:55 PM Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote: > > On 7/10/20 2:16 pm, Ronan Lucio wrote: > > Hi, > > > > By default, Squid accepts SSL connection only to port 443. > > You are referring to the SSL_ports ACL ? > > That does not mean accepting SSL connections. Only that the port is > known to be used primarily for SSL. So that opening opaque CONNECT > tunnels there have lower security risk. > > > > Are there any security concerns when need to accept HTTPS connections > > on other ports? > > > > Anything at all can go through a CONNECT tunnel and all your egress > firewall and other security will be able to tell is that the traffic > came from Squid. > > If you are certain the traffic is actually HTTPS and not something else > it should be okay. But do check for that first. > > Amos > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
