Last active
June 13, 2023 22:05
-
-
Save T8aZ/5ba85be4c9e23aaafec647165b8ec963 to your computer and use it in GitHub Desktop.
SquidSecureSetup
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ##docker : sudo docker run -d --name squid-container -e TZ=UTC -p 10.x.x.x:3128:3128 --restart always -v /home/username/squid/squid.conf:/etc/squid/squid.conf ubuntu/squid | |
| ##squid.conf: | |
| #remove squid header indications | |
| via off | |
| forwarded_for off | |
| header_access From deny all | |
| header_access Server deny all | |
| header_access WWW-Authenticate deny all | |
| header_access Link deny all | |
| header_access Cache-Control deny all | |
| header_access Proxy-Connection deny all | |
| header_access X-Cache deny all | |
| header_access X-Cache-Lookup deny all | |
| header_access Via deny all | |
| header_access Forwarded-For deny all | |
| header_access X-Forwarded-For deny all | |
| header_access Pragma deny all | |
| header_access Keep-Alive deny all | |
| #remove ability for clients of proxy to access internal network accessible from proxy. | |
| acl localdst dst 10.0.0.0/8 | |
| acl localdst dst 192.168.0.0/16 | |
| http_access deny localdst | |
| #ACLs: http://wiki.squid-cache.org/SquidFaq/SquidAcl |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment