fre 2007-06-08 klockan 16:41 +0500 skrev Suhaib Ahmad:
> Hi Henrik,
>
> Just need a nod from you :). I've this setup for website accel.. Can
> you confirm that it would hold on and that no security lapse in it?
>
> my apache-webserver is running on 192.168.7.1 port 80. I have squid running on
> 192.168.7.3 port 80. All the image urls are pointing to 7.3.
>
> ------ squid.conf --------
> http_port 80 accel defaultsite=192.168.7.1
> cache_peer 192.168.7.1 parent 80 0 no-query originserver weight=1
> http_access allow all
> acl all src 0.0.0.0/0.0.0.0
> icp_access allow all
defaultsite should be the site name the users should put in their
browsers, not the origin server name/address. The origin server is
specified in cache_peer.
Not strictly needed unless you have other http_port lines, but for
improved security I would recommend an acl limiting which sites may be
requested instead of the "allow all".
acl mysites dstdomain list.of.accelerated.sites
http_access allow mysites
http_access deny all
If you just have a single site then the list consists of just that
single site name, same as you have in defaultsite.
REgards
Henrik
This archive was generated by hypermail pre-2.1.9 : Sun Jul 01 2007 - 12:00:04 MDT