Do-It-Yourself Caching: Squid 2.3 - page 3
Why Caching is Essential
Unlike commercial products, Squid isn't configured through a command line or graphical user interface. To make a configuration change, edit etc/squid.conf or mime.conf files, then invoke:
/usr/local/bin/squid -k reconfigure
Changes can be checked for proper syntax by using the -k parse command-line option. Debug can be enabled when parsing the config file by using the -X option. A few changes (e.g., enabling or disabling the client access log) require Squid to be stopped and restarted; this can be accomplished with the -k shutdown option.
Squid can be monitored through log files, created by default in /usr/local/bin/logs. The cache.log contains system-level messages used to monitor status when starting, reconfiguring or stopping Squid. The access.log records client request activity (see Monitoring Squid). The store.log tracks objects being added to the cache; you'll probably want to disable this very large file by adding cache_store_log none to squid.conf. In fact, if you don't disable the store.log, you'll eventually run out of disk space.
Accessing shell commands and files require the administrator to log into the Squid server. Remote login session traffic can be secured with additional software (for example, Secure Shell).
Squid can also be remotely monitored through a browser-based Cache Manager GUI. Cache Manager is a CGI script. To run it, config changes may be required to the localhost web server. We added a link to /usr/local/squid/bin/cachemgr.cgi from our existing Apache cgi-bin directory, but we could have added a ScriptAlias to Apache's srm.conf file instead. If you want to limit access to Cache Manager, add a Location to Apache's access.conf file permitting execution by a specified host, domain, or authenticated user.
Config details for each web server vary; do whatever it takes to execute this CGI script and impose appropriate security restrictions.
With our version of Squid, manager access by the localhost was permitted by default. Older Squid versions may require squid.conf file updates to add the ACL http_access allow manager localhost. You can restrict actions available through Cache Manager by customizing cachemgr_passwd statements in squid.conf. The only active command provided by Cache Manager--shutdown--is password-protected by default. All other Cache Manager commands are passive; this GUI does not support remote configuration.
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
- 1Linux Top 3: CoreOS, Oracle Enterprise Linux 7 and Ubuntu 14.10
- 2Linux Top 3: Raspberry Pi B+, CentOS 7 and RHEL 5.11
- 3Linux Top 3: CoreOS Goes Stable, Oracle Clones RHEL 7 and Tails Updates
- 4Linux Top 3: Slackware Turns 21, Debian Squeezes and Linux 3.16 Nears
- 5Linux Top 3: Distrowatch, Deepin 2014 and the NSA