On Wed, 10 Mar 2004, Eric Kahklen wrote: > I am getting ready test this out on the internet and wondered if anyone > could see any major security problems or miss configurations. I've > removed anything that I didn't think was necessary and left some things > in that I couldn't determine were needed or not. This is going to be > used for a reverse proxy (accelorator) with Exchange 2000. [Internet] - > [Firewall - port 443] - [Squid] - [Exchange/OWA - 2000]
The configuration looks good from what I can tell.. maybe you want to throw an "never_direct allow all" into the mix as a extra safeguard from future. There is an implicit "never_direct" on accelerated requests in Squid-3, but... Regards Henrik
