squid的安全设置

本文链接: http://www.php-oa.com/2008/01/15/squid-se.html

使用squid的网站

#curl -I www.php-oa.com
HTTP/1.0 200 OK
Date: Tue, 15 Jan 2008 03:45:29 GMT
Server: Apache
X-Pingback: http://www.php-oa.com/xmlrpc.php
Content-Type: text/html; charset=UTF-8
X-Cache: MISS from cnc.onezone.com
X-Cache-Lookup: MISS from cnc.onezone.com:80
Via: 1.0 cnc.onezone.com:80 (squid/2.6.STABLE6)
Connection: close

正常的没有使用squid的。

#curl -I www.php-oa.com
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Jan 2008 03:49:30 GMT
Server: Apache
X-Pingback: http://www.php-oa.com/xmlrpc.php
Location: http://www.php-oa.com/
Connection: close
Content-Type: text/html; charset=UTF-8

发现不一样了没,人家查到你的server使用的是什么,然后还有你使用的是不是squid,还是真实的服务器.
在你的squid.conf中加入

header_access Via deny all
header_access Server deny all
header_access X-Cache deny all
header_access X-Cache-Lookup deny all

#不显示版本信息

httpd_suppress_version_string off

就可以把它关闭.

要去掉其他的header,也可以照此操作,下面是列表。

Accept HTTP_ACCEPT
Accept-Charset HTTP_ACCEPT-CHARSET
Accept-Encoding HTTP_ACCEPT-ENCODING
Accept-Language HTTP_ACCEPT-LANGUAGE
Accept-Ranges HTTP_ACCEPT-RANGES
Age HTTP_AGE
Allow HTTP_ALLOW
Authorization HTTP_AUTHORIZATION
Cache-Control HTTP_CACHE-CONTROL
Connection HTTP_CONNECTION
Content-Base HTTP_CONTENT-BASE
Content-Disposition HTTP_CONTENT-DISPOSITION
Content-Encoding HTTP_CONTENT-ENCODING
Content-Language HTTP_CONTENT-LANGUAGE
Content-Length HTTP_CONTENT-LENGTH
Content-Location HTTP_CONTENT-LOCATION
Content-MD5 HTTP_CONTENT-MD5
Content-Range HTTP_CONTENT-RANGE
Content-Type HTTP_CONTENT-TYPE
Cookie HTTP_COOKIE
Date HTTP_DATE
ETag HTTP_ETAG
Expires HTTP_EXPIRES
From HTTP_FROM
Host HTTP_HOST
If-Match HTTP_IF-MATCH
If-Modified-Since HTTP_IF-MODIFIED-SINCE
If-None-Match HTTP_IF-NONE-MATCH
If-Range HTTP_IF-RANGE
Last-Modified HTTP_LAST-MODIFIED
Link HTTP_LINK
Location HTTP_LOCATION
Max-Forwards HTTP_MAX-FORWARDS
Mime-Version HTTP_MIME-VERSION
Pragma HTTP_PRAGMA
Proxy-Authenticate HTTP_PROXY-AUTHENTICATE
Proxy-Authentication-Info HTTP_PROXY-AUTHENTICATION-INFO
Proxy-Authorization HTTP_PROXY-AUTHORIZATION
Proxy-Connection HTTP_PROXY-CONNECTION
Public HTTP_PUBLIC
Range HTTP_RANGE
Referer HTTP_REFERER
Request-Range HTTP_REQUEST-RANGE
Retry-After HTTP_RETRY-AFTER
Server HTTP_SERVER
Set-Cookie HTTP_SET-COOKIE
Title HTTP_TITLE
Transfer-Encoding HTTP_TRANSFER-ENCODING
Upgrade HTTP_UPGRADE
User-Agent HTTP_USER-AGENT
Vary HTTP_VARY
Via HTTP_VIA
Warning HTTP_WARNING
WWW-Authenticate HTTP_WWW-AUTHENTICATE
Authentication-Info HTTP_AUTHENTICATION-INFO
X-Cache HTTP_X-CACHE
X-Cache-Lookup HTTP_X-CACHE-LOOKUP
X-Forwarded-For HTTP_X-FORWARDED-FOR
X-Request-URI HTTP_X-REQUEST-URI
X-Squid-Error HTTP_X-SQUID-ERROR
Negotiate HTTP_NEGOTIATE
X-Accelerator-Vary HTTP_X-ACCELERATOR-VARY
Other: HTTP_OTHER:

更多配置请参考:http://bbs.linuxtone.org/thread-131-1-3.html

清除指定squid缓存文件的脚本:http://blog.haohtml.com/archives/3189

2 thoughts on “squid的安全设置

  1. Pingback: how to order marijuana online

  2. Pingback: https://junkcarsgone2day.com/usa/junk-car-removal/il/chicago-ridge/

Leave a Reply