Re: removing objects from cache

From: Jens-S. Voeckler <voeckler@dont-contact.us>
Date: Fri, 12 Feb 1999 09:55:04 +0100

On Fri, 12 Feb 1999, Benjamin de los Angeles Jr. wrote:

]> you can use the client program that is built with squid and do:
]>
]> client -h <squidhost> -p <squidport> -m PURGE http://www.asep.com.ph/
]
]I got 'access denied'.

The purge method ist disabled by default (because the unwary can wreck
havoc). You have to include something akin to

        acl PURGE method PURGE
        acl src_local src 127.0.0.0/8
        [... shortly after your ...deny manager]
        http_access allow PURGE src_local
        http_access deny PURGE

to your squid.conf before PURGE will be accepted from localhost.

BTW: Is there a security risk from bored ip-spoofing hacker intending to
clean out the cache? Yes, I know about router rules to filter out such
strangenesses, and that the hacker would have to know what urls to clean.
But shouldn't something as final as PURGE be logged to cache.log -
preferably with a squid.conf switch?

Le deagh dhùrachd,
Dipl.-Ing. Jens-S. Vöckler (voeckler@rvs.uni-hannover.de)
Institute for Computer Networks and Distributed Systems
University of Hanover, Germany; +49 511 762 4726
Received on Fri Feb 12 1999 - 01:54:47 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:44:32 MST