On Tue, 28 Sep 2004, Richard Skeggs wrote:
> Surely there must be some decent documentation on how use SQUID to set up a
> reverse proxy.
Squid FAQ Chapter 20 httpd-accelerator mode.
<url:http://www.squid-cache.org/Doc/FAQ/FAQ-20.html>
The main part to realize is that the accelerator directives in squid.conf
is mainly about how to make Squid properly read the requests, the actual
forwarding of the request is then subject to all the same cache_peer,
always/never_direct, http_access etc as proxied request.
> What I want to achieve is to redirect
>
> http://emeademo.mobius.com/esav <http://emeademo.mobius.com/esav> to
> redirect to http://eghsnap1:8080/esav <http://eghsnap1:8080/esav>
> http://emeademo.mobius.com/ddrint <http://emeademo.mobius.com/ddrint> to
> redirect to http://eghsnap2:8080/ddrint <http://eghsnap2:8080/ddrint>
Generally it is not a good idea to run the backend web server on a
different port than what the clients will request.
The smoothest accelerator setups is when the web server runs on the same
port (and protocol) and is configured using the same domain name as the
clients will request. You then only need to worry about how to get the
requests to the correct server and things will work.
If you need to rewrite any part of the URL while it is forwarded by the
reverse proxy then the application must be very strictly designed to not
ever use any absolute URLs. Never render absolute URLs into HTML and never
send any redirects to itself.
> acl eghapp src 10.14.1.150
> acl eghsnap1 src 10.14.1.151
> acl eghsnap2 src 10.14.1.152
> http_access allow eghapp eghsnap1 eghsnap2
Using access controls based on the client source IP address in an
accelerator looks a bit odd.. these should probably be dst type ACLs..
(destination / Server IP addresses)
Regards
Henrik
Received on Tue Sep 28 2004 - 10:45:44 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Oct 01 2004 - 12:00:03 MDT