Re: [squid-users] Config just for my personal use. Secure?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Wed, 7 Apr 2004 09:52:28 +0200 (CEST)

On Tue, 6 Apr 2004, Francisco Lopes wrote:

> Hello everyone,
>
> I'm trying to install Squid on my server for my personal use, that
> means, only I will use the proxy. After reading some tutorials I came
> up with this configuration:
>
> http_access deny !Safe_ports
> http_access deny CONNECT !SSL_ports
> http_access deny users
> http_access allow all
>
> Do you think that's enough and secure? I wish no-one can access it
> except me, with my login and password.

Eh? Shouldn't the last two rules be inverted?

http_access allow users
http_access deny all

Other than this it looks reasonable, but you may want to add IP
restrictions in addition to the login restriction so only users coming
from correct IP addresses with a correct login is allowed.. the last two
rules then becomes

acl my_networks src ...
http_access allow my_networks users
http_access deny all

Regards
Henrik
Received on Wed Apr 07 2004 - 01:52:31 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:01 MDT