Re: [squid-users] Squid 4.x and Peek and Splice - Host Header Forgery

2016-10-18 Thread John Wright
Also here is an example showing the issues when pushing to S3 as well as the same error with some google url's. 2016/10/17 18:33:32 kid1| SECURITY ALERT: Host header forgery detected on local=209.85.144.113:443 remote=x.x.x.x:62402 FD 49 flags=33 (local IP does not match any domain IP) 2016/10/17

Re: [squid-users] Squid 4.x and Peek and Splice - Host Header Forgery

2016-10-18 Thread John Wright
In response to it not being a false positive , maybe its not specifically the TTL but in this other article on the mailing lists someone else had the same issue Here is the response Amos gave, this is a known issue and apparently there is no way to "ignore host header forgery issues" or bypass th

Re: [squid-users] Squid 4.x and Peek and Splice - Host Header Forgery

2016-10-18 Thread garryd
On 2016-10-18 22:42, John Wright wrote: Hi Replying to the list Yes i get that error on many different sites same exact error about host headers. Also if you watch the TTL on the amazonaws url i provided it changes from 3 to 5 to 10 seconds to 60 to 10 back and forth. If you go online to an dns

Re: [squid-users] Squid 4.x and Peek and Splice - Host Header Forgery

2016-10-18 Thread John Wright
Hi Replying to the list Yes i get that error on many different sites same exact error about host headers. Also if you watch the TTL on the amazonaws url i provided it changes from 3 to 5 to 10 seconds to 60 to 10 back and forth. If you go online to an dns lookup site like kloth i see via kloth 5

Re: [squid-users] Squid 4.x and Peek and Splice - Host Header Forgery

2016-10-18 Thread garryd
On 2016-10-18 18:32, John Wright wrote: Hi, I have a constant problem with Host header forgery detection on squid doing peek and splice. I see this most commonly with CDN, Amazon and microsoft due to the fact there TTL is only 5 seconds on certain dns entries im connecting to. So when my clien

[squid-users] Squid 4.x and Peek and Splice - Host Header Forgery

2016-10-18 Thread John Wright
Hi, I have a constant problem with Host header forgery detection on squid doing peek and splice. I see this most commonly with CDN, Amazon and microsoft due to the fact there TTL is only 5 seconds on certain dns entries im connecting to. So when my client connects through my squid i get host hea