Hello-
I have a website that is currently being attacked by malware that is hiding behind over 10,000 web proxies, many of which are using Squid. Fortunately, the hits are all to the same URL. I added "Expires: ..." and "Cache-Control: max-age=..." HTTP headers, in an attempt to minimize the hits to the website.
However, the malware that is generating these hits is sending a "Cache-Control: no-cache, max-age=..." HTTP header. This header is causing Squid not to use the cached objects, but instead connect to the website again.
My question is whether or not there is anything that I can do from the web server to force Squid to return the cached objects, regardless of what the client does? I'm guessing that neither a "Content-Location" HTTP header or a "301 Moved Permanently" HTTP response from the web server will override a "no-cache" from the client.
-Scott
---- This outgoing message is guaranteed to be authentic by Message Level users. Guarantee the authenticity of your email @ http://www.messagelevel.com. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
