Ahmed wrote : > > I am getting a lot of these messages in my cache.log > > > > 2004/04/23 02:21:02| Request header is too large (10494 bytes) > > 2004/04/23 02:21:02| Config 'request_header_max_size'= 10240 bytes. > > 2004/04/23 02:21:30| Request header is too large (11680 bytes) > > 2004/04/23 02:21:30| Config 'request_header_max_size'= 10240 bytes. > > 2004/04/23 03:30:41| Request header is too large (11680 bytes) > > 2004/04/23 03:30:41| Config 'request_header_max_size'= 10240 bytes. > > 2004/04/23 03:32:27| Request header is too large (10494 bytes) > > 2004/04/23 03:32:27| Config 'request_header_max_size'= 10240 bytes. > > I believe this is some kind of Dos Attack from some virus on > > client's systems
Elsen Marc Reply: > Check SQUID's access log to further identify these requests. > If they turn out to be malicious , then block using ACL mechanisms (e.d.) > I am facing the same problem .I am using squid-2.5STABLE3 and wccp v1, In my squid.conf request_header_max_size is disable. Is there any way to stop these messages in cache.log ? As you said I checked my access.log file, the request from our network and I cant block those IPs. Any help to solve this will be appreciated, Thnks & rgrds, Eswari Sharma