[squid-users] Config just for my personal use. Secure?

From: Francisco Lopes <[email protected]>
Date: Tue, 6 Apr 2004 21:46:26 -0300

Hello everyone,

I'm trying to install Squid on my server for my personal use, that
means, only I will use the proxy. After reading some tutorials I came
up with this configuration:

http_port *myip*:9876
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
authenticate_program /usr/lib/squid/ncsa_auth /etc/squid/passwd
acl users proxy_auth "/etc/squid/passwd"
acl password proxy_auth REQUIRED
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl SSL_ports port 443 563
acl Safe_ports port 80 # http
acl Safe_ports port 21 # ftp
acl Safe_ports port 443 563 # https, snews
acl Safe_ports port 70 # gopher
acl Safe_ports port 210 # wais
acl Safe_ports port 1025-65535 # unregistered ports
acl Safe_ports port 280 # http-mgmt
acl Safe_ports port 488 # gss-http
acl Safe_ports port 591 # filemaker
acl Safe_ports port 777 # multiling http
acl CONNECT method CONNECT
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny users
http_access allow all
proxy_auth_realm Squid proxy-caching web server

Do you think that's enough and secure? I wish no-one can access it
except me, with my login and password.

Thank you very much.

Regards,

Francisco
Received on Tue Apr 06 2004 - 18:48:56 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:01 MDT