Re: [squid-users] no-cache , no-store

From: N3O <strutter79_at_gmail.com>
Date: Mon, 21 Mar 2011 14:57:26 -0400

Amos

After modifying the php app now i receive:

 HTTP/1.1 200 OK
    Date: Mon, 21 Mar 2011 19:54:34 GMT
    Server: Apache/2.0.52 (Red Hat)
    Set-Cookie: PHPSESSID=82160b8ea5b353a66317bc8dae34f53d; path=/
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: max-age=1200
    Pragma: no-cache
    Vary: Accept-Encoding
    Content-Encoding: gzip
    Content-Length: 20295
    Connection: close
    Content-Type: text/html

But still it doesnt cache html pages, only images:
200.40.209.18 - - [21/Mar/2011:14:36:18 -0400] "GET
http://www.cmswire.com/ HTTP/1.1" 200 20773 "http://www.cmswire.com/"
"Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/533.4 (KHTML,
like Gecko) Chrome/5.0.375.38 Safari/533.4" TCP_MISS:FIRST_UP_PARENT
200.40.209.18 - - [21/Mar/2011:14:56:20 -0400] "GET
http://www.cmswire.com/ HTTP/1.1" 200 20713 "http://www.cmswire.com/"
"Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/533.4 (KHTML,
like Gecko) Chrome/5.0.375.38 Safari/533.4" TCP_MISS:FIRST_UP_PARENT
200.40.209.18 - - [21/Mar/2011:14:56:20 -0400] "GET
http://www.cmswire.com/stats.php? HTTP/1.1" 200 487
"http://www.cmswire.com/" "Mozilla/5.0 (X11; U; Linux i686; en-US)
AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.38 Safari/533.4"
TCP_MISS:FIRST_UP_PARENT
200.40.209.18 - - [21/Mar/2011:14:56:22 -0400] "GET
http://www.cmswire.com/ HTTP/1.1" 200 20778 "http://www.cmswire.com/"
"Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/533.4 (KHTML,
like Gecko) Chrome/5.0.375.38 Safari/533.4" TCP_MISS:FIRST_UP_PARENT

200.40.209.18 - - [21/Mar/2011:14:36:16 -0400] "GET
http://www.cmswire.com/images/pentahoLogosmall.jpg HTTP/1.1" 304 441
"http://www.cmswire.com/" "Mozilla/5.0 (X11; U; Linux i686; en-US)
AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.38 Safari/533.4"
TCP_REFRESH_UNMODIFIED:FIRST_UP_PARENT
200.40.209.18 - - [21/Mar/2011:14:36:16 -0400] "GET
http://www.cmswire.com/images/emetrics_2011_logo.jpg HTTP/1.1" 304 441
"http://www.cmswire.com/" "Mozilla/5.0 (X11; U; Linux i686; en-US)
AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.38 Safari/533.4"
TCP_REFRESH_UNMODIFIED:FIRST_UP_PARENT
200.40.209.18 - - [21/Mar/2011:14:36:16 -0400] "GET
http://www.cmswire.com/images/snowbound_logo_2011.jpg HTTP/1.1" 304
441 "http://www.cmswire.com/" "Mozilla/5.0 (X11; U; Linux i686; en-US)
AppleWebKit/533.4 (KHTML, like Gecko)

i modified the squid.conf:

# Add any of your own refresh_pattern entries above these.
refresh_pattern ^ftp: 1440 20% 10080
refresh_pattern ^gopher: 1440 0% 1440
refresh_pattern -i (/cgi-bin/|\?) 0 0% 0
refresh_pattern . 0 20% 4320

any ideas why it still doesnt cache html pages??

greetings!

On Fri, Mar 18, 2011 at 7:27 PM, Amos Jeffries <squid3_at_treenet.co.nz> wrote:
> On 19/03/11 02:44, N3O wrote:
>>
>> Hi amos
>>
>> Thanks for your reply.
>>
>> By turning setting session.cache_limiter off in php.ini would i be
>> able to cache these php generated pages??
>
> You would yes, provided the PHP scripts generating them do not deny it.
>
>> Do you think my squid.conf is correct to cache the pages?? i only get
>> a lot of TCP MISS in my access.log :(
>
> So what headers are being sent around now?
>
>  If you are testing with the refresh button be aware that it often forces
> no-cache or at best revalidate to happen. Which results in an IMS_MISS.
>  Pressing enter in the address bar is the best test of normal traffic
> HIT/MISS behaviour.
>
>>
>> This is my squid.conf:
>>
>> ------------------------------------------------------------------------------------------------------------
>> acl manager proto cache_object
>> acl localhost src 127.0.0.1/32 ::1
>> acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
>>
>> acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
>> acl localnet src 172.16.0.0/12  # RFC1918 possible internal network
>> acl localnet src 192.168.0.0/16 # RFC1918 possible internal network
>>
>> acl SSL_ports port 443
>> acl Safe_ports port 80          # http
>> acl Safe_ports port 21          # ftp
>> acl Safe_ports port 443         # https
>> acl Safe_ports port 70          # gopher
>> acl Safe_ports port 210         # wais
>> acl Safe_ports port 1025-65535  # unregistered ports
>> acl Safe_ports port 280         # http-mgmt
>> acl Safe_ports port 488         # gss-http
>> acl Safe_ports port 591         # filemaker
>> acl Safe_ports port 777         # multiling http
>> acl CONNECT method CONNECT
>>
>> http_access allow manager localhost
>> http_access deny manager
>>
>> http_access deny !Safe_ports
>> http_access deny CONNECT !SSL_ports !Safe_ports
>> http_access allow localnet
>> http_access allow localhost
>> http_access allow all
>> http_access deny all
>>
>> visible_hostname www.xxx.com
>>
>> http_port 80 accel defaultsite=www.xxx.com
>> http_port 80 accel ignore-cc
>> cache_peer x.x.x.x parent 80 0 no-query originserver
>> emulate_httpd_log on
>> redirect_rewrites_host_header off
>> forwarded_for on
>>
>> cache_dir ufs /usr/local/squid/var/cache 1000 16 256
>> cache_mem 256 MB
>> maximum_object_size_in_memory 128 KB
>> coredump_dir /usr/local/squid/var/cache
>>
>> logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st
>> "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
>>
>> access_log /var/log/squid/access.log combined
>>
>> logfile_rotate 10
>>
>> refresh_pattern ^ftp:           1440    20%     10080
>> refresh_pattern ^gopher:        1440    0%      1440
>> refresh_pattern -i (/cgi-bin/|\?) 0    0%      0
>> refresh_pattern .               0       20%     4320
>
> All these following refresh_patten do not work. The "." pattern above
> catches *everything*.
>
>> refresh_pattern -i \.(html|htm|css|js)$ 1440 50% 40320
>> refresh_pattern -i \.php$ 1440 100% 40320 override-expire
>> override-lastmod reload-into-ims
>> refresh_pattern -i php\? 1440 100% 40320 override-expire
>> override-lastmod reload-into-ims
>> refresh_pattern -i \.xml$ 15 100% 20 override-expire override-lastmod
>> reload-into-ims
>> refresh_pattern . 1440 40% 40320
>>
>>
>>
>>
>> On Thu, Mar 17, 2011 at 11:26 PM, Amos Jeffries<squid3_at_treenet.co.nz>
>>  wrote:
>>>
>>> On 18/03/11 16:08, N3O wrote:
>>>>
>>>> Hello
>>>> i'm using squid 3.1.11 as a reverse proxy.
>>>> Is it possible to cache pages that show the no-cache, no-store
>>>> directives in their http headers?
>>>
>>> "no-cache" do get cached. It only means that existing cached copies are
>>> not
>>> to be sent to the requestor.
>>>
>>> "no-store" is set on pages which are absolutely not allowed to be stored
>>> to
>>> any long-term media. ie cached.
>>>
>>>> Server: Apache/2.0.52 (Red Hat)
>>>>     Set-Cookie: PHPSESSID=de2721c82ebc2be4b9a388d2e6e3d66c; path=/
>>>>     Expires: Thu, 19 Nov 1981 08:52:00 GMT
>>>>     Cache-Control: private, no-cache, no-store, proxy-revalidate,
>>>> no-transform
>>>
>>> In this case private indicates that the object contains some private
>>> information. Caching this on a reverse-proxy will result in the cached
>>> copy
>>> and thus the private information to be sent to all visitors. Major
>>> personal
>>> info leakage usually resulting.
>>>
>>> Are you fighting with PHP defaults? the php.ini setting
>>> session.cache_limiter can be turned to not add things. The app NEEDS to
>>> be
>>> setting its own correctly with that off, may off-the-shelf seem to rely
>>> on
>>> the defaults.
>>>
>>> Amos
>>> --
>>> Please be using
>>>  Current Stable Squid 2.7.STABLE9 or 3.1.11
>>>  Beta testers wanted for 3.2.0.5
>>>
>
>
> --
> Please be using
>  Current Stable Squid 2.7.STABLE9 or 3.1.11
>  Beta testers wanted for 3.2.0.5
>
Received on Mon Mar 21 2011 - 18:57:35 MDT

This archive was generated by hypermail 2.2.0 : Tue Mar 22 2011 - 12:00:02 MDT