在局域网通过透明代理访问外部的web服务器时, 在web服务器端, 通过header HTTP_X_FORWARDED_FOR 可以知道代理服务器的服务器名以及端口, 通过HTTP_VIA可以知道客户的内部ip,这会带来一些安全问题,并且某些论坛会发现用的是代理访问,怎么让squid隐藏这些信息呢. 通过研究squid的源代码,发现在/etc/squid/squid.conf中添加2行: header_access Via deny all header_access X-Forwarded-For deny all 就可以把它关闭
要去掉其他的header,也可以照此操作:
Accept HTTP_ACCEPT Accept-Charset HTTP_ACCEPT-CHARSET Accept-Encoding HTTP_ACCEPT-ENCODING Accept-Language HTTP_ACCEPT-LANGUAGE Accept-Ranges HTTP_ACCEPT-RANGES Age HTTP_AGE Allow HTTP_ALLOW Authorization HTTP_AUTHORIZATION Cache-Control HTTP_CACHE-CONTROL Connection HTTP_CONNECTION Content-Base HTTP_CONTENT-BASE Content-Disposition HTTP_CONTENT-DISPOSITION Content-Encoding HTTP_CONTENT-ENCODING Content-Language HTTP_CONTENT-LANGUAGE Content-Length HTTP_CONTENT-LENGTH Content-Location HTTP_CONTENT-LOCATION Content-MD5 HTTP_CONTENT-MD5 Content-Range HTTP_CONTENT-RANGE Content-Type HTTP_CONTENT-TYPE Cookie HTTP_COOKIE Date HTTP_DATE ETag HTTP_ETAG Expires HTTP_EXPIRES From HTTP_FROM Host HTTP_HOST If-Match HTTP_IF-MATCH If-Modified-Since HTTP_IF-MODIFIED-SINCE If-None-Match HTTP_IF-NONE-MATCH If-Range HTTP_IF-RANGE Last-Modified HTTP_LAST-MODIFIED Link HTTP_LINK Location HTTP_LOCATION Max-Forwards HTTP_MAX-FORWARDS Mime-Version HTTP_MIME-VERSION Pragma HTTP_PRAGMA Proxy-Authenticate HTTP_PROXY-AUTHENTICATE Proxy-Authentication-Info HTTP_PROXY-AUTHENTICATION-INFO Proxy-Authorization HTTP_PROXY-AUTHORIZATION Proxy-Connection HTTP_PROXY-CONNECTION Public HTTP_PUBLIC Range HTTP_RANGE Referer HTTP_REFERER Request-Range HTTP_REQUEST-RANGE Retry-After HTTP_RETRY-AFTER Server HTTP_SERVER Set-Cookie HTTP_SET-COOKIE Title HTTP_TITLE Transfer-Encoding HTTP_TRANSFER-ENCODING Upgrade HTTP_UPGRADE User-Agent HTTP_USER-AGENT Vary HTTP_VARY Via HTTP_VIA Warning HTTP_WARNING WWW-Authenticate HTTP_WWW-AUTHENTICATE Authentication-Info HTTP_AUTHENTICATION-INFO X-Cache HTTP_X-CACHE X-Cache-Lookup HTTP_X-CACHE-LOOKUP X-Forwarded-For HTTP_X-FORWARDED-FOR X-Request-URI HTTP_X-REQUEST-URI X-Squid-Error HTTP_X-SQUID-ERROR Negotiate HTTP_NEGOTIATE X-Accelerator-Vary HTTP_X-ACCELERATOR-VARY Other: HTTP_OTHER:
您正在阅读:squid代理服务器泄露客户ip和服务器信息的解决
转载请注明:IT运维空间 » 运维技术 » squid代理服务器泄露客户ip和服务器信息的解决
你可能喜欢:
-
![[Oracle]复习笔记-SQL部分内容](/zb_users/upload/2023/02/25/20230213095820-63ea09bc55070.jpg)
[Oracle]复习笔记-SQL部分内容
-
oracle执行.sql文件
-
oracle 10g sqlplus,PL SQL Developer,character中文乱码解决
-
oracle跟踪sql语句
-
oracle 常用select sql语句
-
JAVA-MySQL与Oracle或者(Oracle与MySQL)之间相互拷贝数据
-
关于 mybatis-generator自定义注释生成 使用DefaultCommentGenerator重写来完成 Mybatis Generator的model生成中文注释,支持oracle和mysql(通过实现CommentGenerator接口的方法来实现)
-
如何在Oracle中一次执行多条sql语句 (.net C#)
-
Mysql-sql行转列
-
![[ORACLE]查看SQL绑定变量具体值 查看SQL绑定变量值](https://94ip.com/zb_users/theme/ydconcise/include/random/8.jpg)
[ORACLE]查看SQL绑定变量具体值 查看SQL绑定变量值
发表评论