On 27/07/22 07:52, muhanad wrote:
Hello
I am trying to edit the header of http headers to set the cache_control
option to " no-cache" to prevent users from being able to cache the
contents
This will not do what you think it does.
The "no-cache" control actually *enables* caching by recipients. It just
requires a quick revalidation check before the cached content is used.
even if they are using any type of caching engines. the squid
proxy will work in a transparent mode. The traffic is originated from
one of our CDNs,
This does not make sense. Just publish the Squid machine IP in DNS
instead of the CDN server IP. No need for interception.
also the connection is direct between the clients and
the CDN servers, thus the proxy will work in transparent mode with IP
spoofing so the in the header the IP address is stays the IP address of
the client and not the proxy server.
This may not do what you think it does. When traffic is arriving *from*
Internet the source-IP indicates which route to deliver the response
packets. You do not want the origin server(s) bypassing Squid on the TCP
SYNACK packets - that will break all traffic.
PS: We are an ISP company based in Iraq, Baghdad and we are trying to
prevent the clients from caching all HTTP data.
Why? This is typically a very bad idea.
All it does is:
* lower the amount of bandwidth available to your clients
- given them a bad service/experience.
* increase the traffic delays across your network
- even worse service/experience.
* encourage other ISP to erase the cache limitations on traffic from
your servers even on traffic where it is correct
- even worse service/experience.
Even if you are charging clients for bandwidth used. You want to be able
to service *more* clients as quickly as possible, not scare them away
with a bad service.
HTH
Amos
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
