Re: [squid-users] Quick question on using squid as a reverse proxy

From: Ben Hollingsworth <>
Date: Fri, 25 Apr 2008 11:45:04 -0500

Steven Pfister wrote:
> Besides taking away direct access to the webserver (and any vulnerabilities it may have) and providing some caching for static content, what are some other advantages of using squid this way? I'm trying to help put together a security recommendation.

Squid can terminate an SSL connection and then speak HTTP to the real
server, allowing you to secure the outside access without having to
SSL-enable all inside access. If you do this with multiple servers, you
can use a single wildcard SSL certificate on the squid box to cover all
your inside servers, which saves money. We do this.

CONFIDENTIALITY NOTICE: This e-mail message,including any
attachments,is for the sole use of the intended recipient(s)
and may contain confidential and privileged information. Any
unauthorized review, use, disclosure or distribution is 
prohibited. If you are not the intended recipient,please
contact the sender by reply e-mail and destroy all copies
of the original message.

Received on Fri Apr 25 2008 - 16:45:13 MDT

This archive was generated by hypermail 2.2.0 : Thu May 01 2008 - 12:00:04 MDT