Small correction on the statements below:
On 10/03/2026 18:26, Jonathan Lee wrote:
I wanted to share my findings I had some help a while back with working
on this.
Resolution:
Bug #15410 <https://redmine.pfsense.org/issues/15410> - cache_object://
scheme removed in Squid 6.
squidclient sends Proxy-Authorization header which Squid 6 rejects
for squid-internal-mgr endpoint.
Fix: Modified /usr/local/www/status_squid.php to use curl instead
of squidclient, sending Authorization header directly:
exec("/usr/local/bin/curl -s --max-time 10 -u 'admin:PASSWORD'
http://<interface_ip>:3128/squid-internal-mgr/info <http://
<interface_ip>:3128/squid-internal-mgr/info>", $result);
Note: cachemgr_passwd is configured in squid.conf but under normal
circumstances manager access is controlled by manager_hosts ACL
(src 127.0.0.1 ::1 192.168.1.1).
No "but" about this situation.
One must have **both** access (ACLs) to the cache manager, and
permission (cachemgr_passwd / WWW-Auth*) to view the requested
management URL.
HTH
Amos
_______________________________________________
squid-users mailing list
[email protected]
https://lists.squid-cache.org/listinfo/squid-users
