Reverse proxy from nginx to squid

nginx proxy reverse-proxy squid http-proxy

14,477

in nginx:

proxy_pass http://@squid;

in squid:

http_port 3128 vhost

and that's all you need for fix this https://imgur.com/qtgrZI9 error

14,477

Author by

aptgetmoo

Updated on June 17, 2022

Comments

aptgetmoo almost 2 years

Similar to this, I am trying to host a squid proxy behind nginx:

example.com - the main site

relay.example.com - the squid server.

So far, when I try to use the squid proxy, it will complain about accessing an illegal page, for example, if I try to access http://www.google.com, I get an Invalid URL error saying that the URL /http://www.google.com (note the preceding /). Could anyone suggest why this is happening, or a fix for nginx or perhaps in the squid config?

upstream @squid {
    server localhost:3128;
}

server {
    listen 80;
    server_name relay.example.com;

    location / {
        proxy_pass http://@squid/$scheme://$host$uri;

        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Request-URI $request_uri;

        proxy_redirect off;
    }
}

https://imgur.com/qtgrZI9

The log from squid gives:

1423083723.857      0 127.0.0.1 NONE/400 3530 GET /http://www.google.com/ - HIER_NONE/- text/html

And nginx for the same request:

12.34.56.78 - - [04/Feb/2015:16:02:03 -0500] "GET http://www.google.com/ HTTP/1.1" 400 3183 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0" "-"

RobC over 6 years

'tranasparent' is only for NAT routing not nginx reverse proxy.
mnach over 4 years

actually you also need to allow direct forwarding, like so: http_port 3128 vhost allow-direct (squid 4.6-1+deb10u1)
mnach over 4 years

Also, vhost is deprecated in new squid versions, I'm using accel insted