Tom Le wrote: > I have a website that sits behind squid 2.5 and it got hack into today.
> Here is the log from squid > 1094326387.752 899375 200.148.134.206 TCP_MISS/000 0 PUT > http://<hostname>/index.html - DIRECT/<my website ip adress> - > Can any of you give me some insight into this problem, and how to tight > my squid server down? Your web server is somehow configured to accept files from anyone on the Internet who tries to upload to it. You need to fix your web server's security settings. Ask your web server vendor for details. You can use Squid acls to block this particular attack (block the PUT method), but if your webserver is so insecure that you need this protection, odds are the attackers will find some other way in. Adam
