Thanks Emilio. How would I make that acl_type request so it rejects all other HEAD requests besides from my load balancer? Would it just be acl my_cisco dst 192.168.1.1 acl my_cisco method HEAD
http_access deny HEAD http_access allow my_cisco Thanks, Nick > > From: Emilio Casbas <[EMAIL PROTECTED]> > Date: 2004/06/10 Thu AM 03:41:56 EDT > To: Nick <[EMAIL PROTECTED]> > Subject: Re: [squid-users] HEAD requests on a reverse proxy > > Nick wrote: > > >Hello, I have two servers running squid as a reverse proxy. The squid servers > >caches pages that come from another server running Apache. When squid was > >initially setup I denied HEAD requests but now I need to allow HEAD requests. We > >have a Cisco GSS load balancer that probes the server using HTTP HEAD requests. > >Are there any security issues when allowing HEAD requests on a squid proxy. > > > >Thanks, > >Nick > > > > > > > > I think there isn't any security issues with HEAD > requests. The HEAD method behaves exactly > like the GET method, but the server returns only > the headers in the response. No entity body is > ever returned. > In any case you can make an external_acl_type > with request_method and enable only for > the Cisco Load Balancer. > > > Emilio C. > > >
