On 2010-04-21, Willy Tarreau <w#1wt.eu> wrote:
>
> You can also use haproxy in front of squid to suppress the 502 in the
> response, because you can make it block this response (which normally
> also causes a 502 to be sent to the client), but you can define what
> to send on the 502 error. Basically it would look like this :
>
> rspdeny ^HTTP/1.0\ 502
> errorfile 502 /dev/null
Yes, thanks, this works. And I see I can also block it earlier using reqdeny.
reqdeny ^HEAD errorfile 403 /dev/null
> BTW, I'm recalling that squid also supports custom error responses,
> but I don't know if you can rewrite the status code or not.
Yes, maybe, but the squid cache is shared by lots of other clients, while we only need to block a subset of these and can point them at a separate port. So HAproxy looks like a good solution for this. Although it's a hack I definitely would prefer not to go into production with.. better to fix the clients if we can.
-jf Received on 2010/04/22 14:55
This archive was generated by hypermail 2.2.0 : 2010/04/22 15:00 CEST