Re: [squid-users] securing/configuring squid

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Mon, 13 Sep 2004 10:24:11 +0200 (CEST)

On Sun, 12 Sep 2004 admin@usachurch.com wrote:

> 1. How should I lock down squid/acl so that it is as secure as possible?

Since you are running an accelerator you should lock down which
destinations may be accessed via the proxy. See the dstdomain acl and
Squid FAQ chapter 10 Access Controls.

> 2. How do I go about using squid to cache ssl on port 443?

See https_port.

> 3. Is there any good FAQ/guides to help describe methods of specifying
> which files/directories are not cached?

See no_cache directive.

> 4. How do I tell squid to reload certain pages from their source at a
> certain time, or after a certain length of time?

The best way is by having your server say when the page expires. See
the "Caching Tutorial For Webmasters" document for an easy to understand
description of caching and how to make web applications work correctly
together with caches (all forms of caches, accelerators, proxies, web
browsers, you name it).

> 5. With 1GB of ram dedicated to squid for caching this site, do you have any
> recommendations on which memory replacement policy to use?

This depends on the size of your site and object size distribution. But I
would recommend starting with the default "lru" policy. The heap policies
have been somewhat broken for a long time (see patches page).

Regards
Henrik
Received on Mon Sep 13 2004 - 02:24:13 MDT
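
The destination lockdown suggested in answer 1, as an added example that is not part of the original message or of Squid itself: a small Python model of how http_access lines are evaluated with a dstdomain acl, run against a permissive accelerator config and a restricted one. The acl name our_sites, the hostnames and both config snippets are constructed for illustration, and only dstdomain and the catch-all src acl are modelled.

```python
# Added example: simulate Squid's first-match http_access evaluation
# for dstdomain ACLs. Hostnames and both configs are constructed samples.

WEAK = """
acl all src 0.0.0.0/0.0.0.0
http_access allow all
"""

LOCKED = """
acl all src 0.0.0.0/0.0.0.0
acl our_sites dstdomain www.example.org .static.example.org
http_access allow our_sites
http_access deny all
"""

def parse(conf):
    """Return (acls, rules) from the acl and http_access lines of a squid.conf."""
    acls, rules = {}, []
    for line in conf.splitlines():
        words = line.split("#")[0].split()
        if len(words) >= 4 and words[0] == "acl":
            kind, values = acls.setdefault(words[1], (words[2], []))
            values.extend(words[3:])     # repeated acl lines accumulate values
        elif len(words) >= 3 and words[0] == "http_access":
            rules.append((words[1] == "allow", words[2:]))
    return acls, rules

def acl_matches(acls, name, host):
    kind, values = acls[name]
    if kind == "src":                    # only the catch-all source is modelled
        return "0.0.0.0/0.0.0.0" in values
    if kind != "dstdomain":
        raise ValueError("acl type not modelled: " + kind)
    host = host.lower().rstrip(".")
    # ".example.org" matches the domain and its subdomains; a bare name is exact
    return any(host == v.lstrip(".") or (v.startswith(".") and host.endswith(v))
               for v in (v.lower() for v in values))

def allowed(conf, host):
    """True if a request for `host` would pass http_access."""
    acls, rules = parse(conf)
    for allow, names in rules:
        # every ACL on a line must match (AND); "!" negates; first match wins
        if all(acl_matches(acls, n.lstrip("!"), host) != n.startswith("!")
               for n in names):
            return allow
    # no line matched: the default is the opposite of the last line
    return not rules[-1][0] if rules else False
```

Calling `allowed(WEAK, host)` returns True for any destination, while `allowed(LOCKED, host)` returns True only for the listed site names, which is the property to check before putting an accelerator config into service.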
