This is a discussion on Re: AW: [squid-users] reverse-proxy for multiple domains - squid ; On Thu, 26 Feb 2004 firstname.lastname@example.org wrote: > Why httpd_accel_port 0? > > cause i read it somewhere i don't remember anymore. i thought the port must > be zero in connection with the virtual httpd_accel_host. Enabling httpd_accel_port virtual mode ...
On Thu, 26 Feb 2004 email@example.com wrote:
> Why httpd_accel_port 0?
> cause i read it somewhere i don't remember anymore. i thought the port must
> be zero in connection with the virtual httpd_accel_host.
Enabling httpd_accel_port virtual mode enables port-based virtual hosts.
> do i have to change it to the port of the web-server?
This is required.
These directives control how Squid reconstructs the complete requested URL
on accelerated requests
httpd_accel_uses_host_header tells Squid to use the Host header of the
request if available.
httpd_accel_host tells what host name to use if
httpd_accel_uses_host_header is not enabled or if the request does not
have a Host header.
httpd_accel_port tells what port to use in the reconstructed url. If 0
then the port number of the http_port will be used.
So if you have
http_accel_uses_host_header off (or request without Host header)
then the URL as seen by Squid will become
and this is the URL Squid will try to retreive, which most likely is not
what you want unless you are using a redirector to fix up this URL into
something which makes sense.
The recommended accelerator setup for Squid-2.5 is
# Host to assume if there is no Host header
# Normal web port
# Domain based virtual host support
# Required for RFC compliance
Then add the accelerated hostnames to /etc/hosts with the addresses of the
real web servers, and configure Squid access controls to limit what may be
# Base ACLs
acl all src 0.0.0.0/0
acl port80 port 80
acl http proto http
# Give access only to our accelerated servers
acl ourwebsites dstdomain accelerated.web.name other.accelerated.web.name
http_access allow http port80 ourwebsites
# Deny all other uses
http_access deny all
For Squid-3 the setup is a little different, but Squid-3.0 is not yet
released so more on that later.