Jamie wrote:
>
> 'all' means same password for all the actions listed in the squid.conf
> section above the cachemgr_passwd Tag.
I'd suggest using something like this ...
acl adminservers src 192.168.5.1/32 192.168.5.2/32 192.168.5.3
cachemgr_passwd yourpassword info adminservers
...to only allow "info" searches. That is, disable shutdown and viewing the
conf file (which contains the password in the first place). The fields that
are disabled have a * next to them in squid.conf. Also only those hosts
listed in "adminservers" can connect to the cachemgr.cgi.
Otherwise if you don't want to deal with the host restriction, just drop
that acl from cachemgr_passwd:
cachemgr_passwd yourpassword info
My point is, if you don't need to shutdown or view the config's via the
cachemgr, disable it by only offering the "info" level stats. That's my
opinion anyhow.
thanks,
Adam
Received on Fri May 02 2003 - 13:55:26 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:16:12 MST