How to setup a Squid Reverse Proxy

Hello,

I have a website (windows IIS) that is very busy and I wanted to setup an SQUID Reverse proxy to offload some of the traffic. I wanted to know what are the best practices, and how to setup it up on a Linux (CentOS)?

Thanks in advance,

Patrick B.
 
LVL 1
blueglacierAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
TintinConnect With a Mentor Commented:
My preference is for Apache, but Squid is still OK if you don't have complex rules as described in my previous posts.  Additionally, squid will probably be a bit better if the main thing you want to use it for is a reverse proxy cache, although the mod_cache Apache module was vastly improved in Apache 2.2

For info on Reverse Proxy Apache tutorial, see:

http://www.serverwatch.com/tutorials/article.php/3290851

Note that this is for Apache 2.0.  There are some improvements/enhancements in Apache 2.2, but it all depends on your exact requirements.  If you have just a very straight forward environment, then the details in this tutorial will be just fine.

0
 
TintinCommented:
Firstly, my recommendation would be to *NOT* use squid as a reverse proxy.  I had a very large client using Squid as a reverse proxy for around 10 websites and the limitations around SSL and redirections/rewriting became apparent very early on.

Using Apache in reverse proxy mode is much more efficient and SSL management is so much easier than you can do in squid.
0
 
ravenplConnect With a Mentor Commented:
Tintin: I'm suprised with Your experience. On the other side of the world, I know popular portals that are accelerated(and protected) by squid farms - works fine.
http://sial.org/howto/squid/#s3.2 # for one host
http://www.option-c.com/xwiki/Squid_Reverse_Proxy # for host based
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
TintinCommented:
If you have a very basic and straight forward reverse proxy environment, then squid will be just fine.  However, once you start getting into more complex requirements such as rewrite/redirections, SSL bridging, URL/HTML URL mapping etc, then Apache is far superior.

The current stable release of squid is 2.6, and its SSL support is limited compared to Apache.
0
 
blueglacierAuthor Commented:
Tintin that sounds interesting.  So instead of setting up  squid, I would replace it with Apache.  Is this what you are suggesting?

 [internet]--[Firewall]--[Apache(as reverse proxy)]--[IIS(wtih ASP.NET Application]

Also, the only problems you found is with SSL right. So only the part that handles payment procesing will be affected?

Do you have any examples/docs on this setup.

Thanks,

Patrick
PS: Thanks for the feedback Ravenpl I am checking those links today.
0
 
blueglacierAuthor Commented:
Thanks for the help.

Patrick
0
All Courses

From novice to tech pro — start learning today.