Topic: Squid Proxy Blocking access to port 2083 (https webserver cpanel)

[MarkR]

Hi All,

I am trying to access our webservers cpanel which uses https and port 2083 through our SME server, unfortunatley I receive a
"The proxy server is refusing connections" message which I pressume is because 2083 is not the standard port for https

Is there any way to allow this ?

Many thanks
Mark

[CharlieBrady]

You can probably do that by a custom template for squid.conf. But you could also do it in your browser configuration by not going to the proxy for your cpanel accesses, e.g. by a custom proxy.pac or .proxy.pac.

[mrjhb3]

I had a need to do something like that a while ago.  I used a custom-template, and it worked for me.  You can try this if you want.

Code: [Select]

mkdir -p /etc/e-smith/templates-custom/etc/squid/squid.conf
cd /etc/e-smith/templates-custom/etc/squid/squid.conf
cp /etc/e-smith/templates/etc/squid/squid.conf/20ACL15SSL_ports .
pico -w /20ACL15SSL_ports
Make the file look like:

Code: [Select]

{
    my @ports = split(",", ($squid{SSLPorts} || "443,563") );

    return "acl SSL_ports port @ports";
}
Exit and save, then

Code: [Select]

config setprop squid SSLPorts 443,563,2083
expand-template /etc/squid/squid.conf
cat /etc/squid/squid.conf  #just to look at the file to verify your port(s) are listed
/etc/rc7.d/S90squid restart

Try your access through your squid proxy.

Good Luck,

John

[MarkR]

Hi mrjhb3,

Many thanks for your help.

I created the custom template, but when i edited it looked like this

Code: [Select]

acl SSL_ports port 443 563
I have simply added 2083 to the end

Code: [Select]

acl SSL_ports port 443 563 2083
I then saved the custom template and then expanded and restarted squid and it appears to be working ok?

Is this method acceptable or should i configure via your method?

Thanks again
mark

[mrjhb3]

Hi Mark,


Unless you typed something wrong, you shouldn't have to add anything.  By manually adding this at the end, you will probably lose it on a post-upgrade, reboot event.  On a default install, I have this with your settings.


config setprop squid SSLPorts 443,563,2083
expand-template /etc/squid/squid.conf
more /etc/squid/squid.conf
...
acl SSL_ports port 443 563 2083




If you do a -  config printprop squid SSLPorts - what do you have?


John

[CharlieBrady]

I then saved the custom template and then expanded and restarted squid and it appears to be working ok?

Is this method acceptable or should i configure via your method?

What you've done is fine. It does the job for you.

mrjhb3's suggestion would make it a little easier to make future changes, and would be good as an update for the base OS. But no real improvement for you on what you have done.

[raem]

CharlieBrady

mrjhb3's suggestion would make it a little easier to make future changes, and would be good as an update for the base OS.

NFR  bug added
http://bugs.contribs.org/show_bug.cgi?id=8159

[MarkR]

Hi all,

Many thanks for your help.

Once again... fantastic support from a great community.

Mark

[stephdl]

please see the bug http://bugs.contribs.org/show_bug.cgi?id=8173 and the documentation in http://wiki.contribs.org/DB_Variables_Configuration#Squid_Proxy_.28squid.29, you have now other options in squid to Configure additional https ports