squid代理服务器泄露客户ip和服务器信息的解决

运维 服务器运维
以下文章讲述squid代理服务器泄露客户ip情况以及解决服务器信息的解决方法。

在局域网通过透明代理访问外部的web服务器时,
在web服务器端,
通过header  HTTP_X_FORWARDED_FOR 可以知道代理服务器的服务器名以及端口,
通过HTTP_VIA可以知道客户的内部ip,这会带来一些安全问题,并且某些论坛会发现用的是代理访问,怎么让squid隐藏这些信息呢.
通过研究squid的源代码,发现在/etc/squid/squid.conf中添加2行:
header_access Via deny all
header_access X-Forwarded-For deny all
就可以把它关闭

要去掉其他的header,也可以照此操作:

Accept HTTP_ACCEPT
Accept-Charset HTTP_ACCEPT-CHARSET
Accept-Encoding HTTP_ACCEPT-ENCODING
Accept-Language HTTP_ACCEPT-LANGUAGE
Accept-Ranges HTTP_ACCEPT-RANGES
Age HTTP_AGE
Allow HTTP_ALLOW
Authorization HTTP_AUTHORIZATION
Cache-Control HTTP_CACHE-CONTROL
Connection HTTP_CONNECTION
Content-Base HTTP_CONTENT-BASE
Content-Disposition HTTP_CONTENT-DISPOSITION
Content-Encoding HTTP_CONTENT-ENCODING
Content-Language HTTP_CONTENT-LANGUAGE
Content-Length HTTP_CONTENT-LENGTH
Content-Location HTTP_CONTENT-LOCATION
Content-MD5 HTTP_CONTENT-MD5
Content-Range HTTP_CONTENT-RANGE
Content-Type HTTP_CONTENT-TYPE
Cookie HTTP_COOKIE
Date HTTP_DATE
ETag HTTP_ETAG
Expires HTTP_EXPIRES
From HTTP_FROM
Host HTTP_HOST
If-Match HTTP_IF-MATCH
If-Modified-Since HTTP_IF-MODIFIED-SINCE
If-None-Match HTTP_IF-NONE-MATCH
If-Range HTTP_IF-RANGE
Last-Modified HTTP_LAST-MODIFIED
Link HTTP_LINK
Location HTTP_LOCATION
Max-Forwards HTTP_MAX-FORWARDS
Mime-Version HTTP_MIME-VERSION
Pragma HTTP_PRAGMA
Proxy-Authenticate HTTP_PROXY-AUTHENTICATE
Proxy-Authentication-Info HTTP_PROXY-AUTHENTICATION-INFO
Proxy-Authorization HTTP_PROXY-AUTHORIZATION
Proxy-Connection HTTP_PROXY-CONNECTION
Public HTTP_PUBLIC
Range HTTP_RANGE
Referer HTTP_REFERER
Request-Range HTTP_REQUEST-RANGE
Retry-After HTTP_RETRY-AFTER
Server HTTP_SERVER
Set-Cookie HTTP_SET-COOKIE
Title HTTP_TITLE
Transfer-Encoding HTTP_TRANSFER-ENCODING
Upgrade HTTP_UPGRADE
User-Agent HTTP_USER-AGENT
Vary HTTP_VARY
Via HTTP_VIA
Warning HTTP_WARNING
WWW-Authenticate HTTP_WWW-AUTHENTICATE
Authentication-Info HTTP_AUTHENTICATION-INFO
X-Cache HTTP_X-CACHE
X-Cache-Lookup HTTP_X-CACHE-LOOKUP
X-Forwarded-For HTTP_X-FORWARDED-FOR
X-Request-URI HTTP_X-REQUEST-URI
X-Squid-Error HTTP_X-SQUID-ERROR
Negotiate HTTP_NEGOTIATE
X-Accelerator-Vary HTTP_X-ACCELERATOR-VARY
Other: HTTP_OTHER:


您正在阅读:squid代理服务器泄露客户ip和服务器信息的解决

【编辑推荐】

  1. 代理服务器隐藏IP地址的技巧
  2. 简单实用的代理服务器CCProxy
  3. Linux技巧:清除代理服务器上cache记录

责任编辑:王观 来源: 巧巧读书
相关推荐

2012-09-18 09:55:28

2018-12-20 08:50:53

TCPIP服务器

2019-06-18 08:27:37

Squid代理服务器IP代理池

2009-12-03 18:07:48

Squid代理服务器

2011-02-21 09:24:05

2020-08-02 15:00:40

SquidSSH系统运维

2021-06-16 07:34:32

Pythonsocket库Python基础

2009-02-12 15:40:00

代理服务器隐藏ip地址

2024-11-21 09:18:08

2024-02-20 14:53:01

2009-02-10 15:42:00

代理服务器代理服务器设置

2010-11-15 14:46:04

linuxsquidsquidGuard

2018-11-05 09:34:43

2010-03-09 11:21:24

代理服务器工作原理域名服务器工作原理

2010-01-11 13:05:24

VNC server配

2009-02-12 14:12:00

2010-08-26 10:01:50

DHCP服务器

2009-08-18 11:04:50

代理服务器设置代理服务器地址

2018-12-07 08:38:49

代理服务器Web服务器通信

2015-07-17 10:45:42

Squid服务器访问控制系统
点赞
收藏

51CTO技术栈公众号