On Sun, 12 Sep 2004 [EMAIL PROTECTED] wrote:
1. How should I lock down squid/acl so that it is as secure as possible?
Since you are running an accelerator you should lock down which destinations may be accessed via the proxy. See the dstdomain acl and Squid FAQ chapter 10 Access Controls.
2. How do I go about using squid to cache ssl on port 443?
See https_port.
3. Is there any good FAQ/guides to help describe methods of specifying which files/directories are not cached?
See no_cache directive.
4. How do I tell squid to reload certain pages from their source at a certain time,
or after a certain length of time?
The best way is by having your server say when the page expires. See the "Caching Tutorial For Webmasters" document for an easy to understand description of caching and how to make web applications work correctly together with caches (all forms of caches, accelerators, proxies, web browsers, you name it).
5. With 1GB of ram dedicated to squid for caching this site, do you have any recommendations on which memory replacement policy to use?
This depends on the size of your site and object size distribution. But I would recommend starting with the default "lru" policy. The heap policies have been somewhat broken for a long time (see patches page).
Regards Henrik
