Phillip Pearson - web + electronics notes

tech notes and web hackery from a new zealander who was vaguely useful on the web back in 2002 (see: python community server, the blogging ecosystem, the new zealand coffee review, the internet topic exchange).

2007-8-14

Successful Squid reverse proxy install

I haven't had much luck with reverse proxies in the past. I tried using Squid on my own web server some time back, but at that time it wasn't really set up to reverse proxy lots of domains, I think, so I ended up writing my own reverse proxy, that supported SCGI, for my Python stuff. More recently I tried Varnish, but it broke form submission on peopleaggregator.net then tended to hang after a minute or so of traffic.

I haven't heard much about Squid for a while -- lots about Perlbal, Pound, nginx, etc -- but it seems to be working fine for WikiMedia and Flickr too. Today I gave it another go, and this time it seems to be working OK.

These instructions are good - I used the Squid 2.6 setup, running on Debian etch.

A working reverse proxy config, proxying for *.example.com, with public IP address 123.123.123.123, is as trivial as this:

- at the top of squid.conf:

cache_peer 127.0.0.1 parent 80 0 originserver default

- lower down, replace the 'http_port 80' line with:

http_port 123.123.123.123:80 vhost vport

- just before the deny all acl:

acl valid_dst dstdomain .example.com
http_access allow valid_dst
... more like this: [, ]