Dan Casey wrote:
I'm running squid 2.6 from CentOS 5 repository, as an http accelerator
for wordpress.
I've got it working to a point using a configuration I found elsewhere
(I'm not very familiar with squid yet, and most docs I've found are not
relevant to this version).
The FAQ has a current configuration setup tutorial
http://wiki.squid-cache.org/SquidFaq/ReverseProxy
there are large access control settings missing from your config that
are needed to make things work efficiently and securely. Additional to
the notes I've made below.
It is successfully caching the images as stuff and other static content,
but I would like it cache some of dynamic pages as well. I've played
around with the refresh_pattern's a little bit, but didn't have any
luck. Here is an example from the access log.
ping.php is specifically not cached, but the other one "?p=1" I would
like to cache.
############# /etc/squid/squid.conf ##################
# Basic parameters
visible_hostname localhost
Calling the gateway machine "localhost" may cause all sorts of trouble
and confusion. Please try using a proper machine or domain FQDN.
# This line indicates the server we will be proxying for
http_port 80 defaultsite=wordpress.dom.tld
# And the IP Address for it
cache_peer 10.10.10.10 parent 80 0 no-query originserver
acl apache rep_header Server ^Apache
broken_vary_encoding allow apache
# Where the cache files will be, memory and such
cache_dir ufs /var/spool/squid 10000 16 256
cache_mem 256 MB
maximum_object_size_in_memory 32 KB
# Log locations and format
logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st
"%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/access.log squid
cache_log /var/log/squid/cache.log
cache_store_log /var/log/squid/store.log
store log is not usually needed. you can save yourself a lot of storage
space setting this to "none".
hosts_file /etc/hosts
# Basic ACLs
acl all src 0.0.0.0/0.0.0.0
acl mydomain dstdomain .example.com
That should be set properly to the wordpress domain.
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl to_localhost dst 127.0.0.0/8
acl Safe_ports port 80
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access allow localhost
http_access allow all
Drop that allow all!
http_access allow mydomain
http_access deny all
http_reply_access allow all
icp_access allow all
cache_effective_group squid
should only need cache_effective_user here. Group plays wickedness with
permissions.
coredump_dir /var/spool/squid
forwarded_for on
emulate_httpd_log on
redirect_rewrites_host_header off
buffered_logs on
refresh_pattern -i ping.php 0 0% 0 override-expire
refresh_pattern -i .php 0 50% 30
refresh_pattern -i .js 0 50% 300
refresh_pattern -i .css 0 50% 300
refresh_pattern -i .jpg 0 50% 300
refresh_pattern -i .gif 0 50% 300
refresh_pattern -i .png 0 50% 300
refresh_pattern -i .swf 0 50% 300
refresh_pattern -i .html 0 50% 300
refresh_pattern -i .shtml 0 50% 300
client_persistent_connections on
server_persistent_connections on
pipeline_prefetch on
strip_query_terms off
Amos
--
Please be using
Current Stable Squid 2.7.STABLE5 or 3.0.STABLE11
Current Beta Squid 3.1.0.3
