On Tue, 28 Sep 2004, Richard Skeggs wrote:
Surely there must be some decent documentation on how use SQUID to set up a reverse proxy.
Squid FAQ Chapter 20 httpd-accelerator mode. <url:http://www.squid-cache.org/Doc/FAQ/FAQ-20.html>
The main part to realize is that the accelerator directives in squid.conf is mainly about how to make Squid properly read the requests, the actual forwarding of the request is then subject to all the same cache_peer, always/never_direct, http_access etc as proxied request.
What I want to achieve is to redirect
http://emeademo.mobius.com/esav <http://emeademo.mobius.com/esav> to redirect to http://eghsnap1:8080/esav <http://eghsnap1:8080/esav> http://emeademo.mobius.com/ddrint <http://emeademo.mobius.com/ddrint> to redirect to http://eghsnap2:8080/ddrint <http://eghsnap2:8080/ddrint>
Generally it is not a good idea to run the backend web server on a different port than what the clients will request.
The smoothest accelerator setups is when the web server runs on the same port (and protocol) and is configured using the same domain name as the clients will request. You then only need to worry about how to get the requests to the correct server and things will work.
If you need to rewrite any part of the URL while it is forwarded by the reverse proxy then the application must be very strictly designed to not ever use any absolute URLs. Never render absolute URLs into HTML and never send any redirects to itself.
acl eghapp src 10.14.1.150 acl eghsnap1 src 10.14.1.151 acl eghsnap2 src 10.14.1.152 http_access allow eghapp eghsnap1 eghsnap2
Using access controls based on the client source IP address in an accelerator looks a bit odd.. these should probably be dst type ACLs.. (destination / Server IP addresses)
Regards Henrik
