Re: running cachemgr.cgi from Richard Hall on 1996-08-22 (squid-users)

From: Richard Hall <hall@dont-contact.us>
Date: Thu, 22 Aug 1996 12:28:13 -0400 (EDT)

I went through this last week.

The cache manager access doesn't work like you think (and I thought and
others thought . . .) Basically, there are two ways to access cachemgr
functions: 1) through a browser by pointing it to the URL, and 2)
through a cachemgr by typing in a Cache Host name and port. That is, the
cache manager is not devoted exclusively to your cache, but lets you name
any cache host at all. Any cache manager can attempt to access stats
about your cache. It is this form of access that squid.conf controls.
Access through a browser can only be controlled by the http server
responsible for delivering the cachemgr.cgi page.

What this means is that 1) You must grant access in squid.conf to the
machine on which the http server is running in order to see the cache
manager functions at all via a browser. 2) Once the cachemgr.cgi program
can be served, anyone who points their browser at it can run the
functions. To change this, you need to fiddle with the http
configuration. This is because requests are interpreted as coming from
the server, not from the browser which is driving the server.

As it is right now, you could point your browser to my cachemgr.cgi
(http://cache.ns.utk.edu/cgi-bin/cachemgr.cgi), enter your cache host
name and access your cache stats. Only you can do this thanks to the
lines you put in squid.conf, but once you grant an http server access to
cachemgr.cgi, anyone will be able to run the functions through that
server, though they might not be able to through a cachemgr.cgi running
elsewhere.

I hope that this makes sense and isn't too much more than you wanted to know.

Richard Hall

On Thu, 22 Aug 1996, Peter Schaefer wrote:

> Sorry for this boring question:
>
> I want to access our squid1.0.8 via cachemgr.cgi.
>
> I have made the following changes to the squid.conf -file:
>
> acl peter src host-ip-number/net-mask
> http_access deny manager !peter
>
> I have got the following error message:
>
> ERROR:HTTP/1.0 403 Cache Access Denied
> Content-type: text/html
>
> Access Denied
>
> Sorry, you are not currently allowed to request
> cache_object: ...
>
> I am shure you can help me
>
> Peter
> peter@webart.de
>
>

Richard Hall
Network Services
University of Tennessee
Received on Thu Aug 22 1996 - 09:29:39 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:32:50 MST