Hey Simon, I have seen these websites and it seems that some content which is used in them is from CDNs or other domains. It’s very important to include specific domains like in the url: https://code.jquery.com/jquery-3.3.1.min.js For these sites to work properly. You can try to run a more complex config which can or might take into account the Referrer header in the Request It will probably only work if SSL bump is configured in your setup and it’s not the most secure way to allow sites. I am only offering this as a it can be limited to specific domains such as cdns or specific hosted services. All The Bests, From: squid-users <squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx> On Behalf Of simon ben I have squid running perfectly fine on centos 7 64 bit with no issues I want to allow certain user ips to access a few sites and block everything else so below is the config the sites are 1) paloaltonetworks.com 2) redcloak.secureworks.com in squid.conf ------------------- acl userlist src "/etc/squid/userlist" acl sitelist dstdomain "/etc/squid/sitelist" http_access allow userlist sitelist ------------------- user list file has the ips ----------- 192.168.62.128 192.168.62.1 192.168.62.129 192.168.61.1 192.168.62.130 192.168.62.3 192.168.61.128 172.16.120.160 ------------------------------ site list file has the sites ---------------------------------------- .paloaltonetworks.com .secureworks.com baladia.xdr.eu.paloaltonetworks.com identity.paloaltonetworks.com login.paloaltonetworks.com assets.adobedtm.com redcloak.secureworks.com ------------------------------------------------ I see that the first page and some links are working but some do not . also there is a huge deny logs in squid access logs appreciate if you can advise me on how i can have the above access list so as to have minimum denies when being accessed from the above ips Thanks and Regards simon |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users