Re: [squid-users] Squid 2.6 and Wordpress

From: Chris Robertson <crobertson_at_gci.net>
Date: Tue, 06 Jan 2009 12:02:20 -0900

Dan Casey wrote:
> I'm running squid 2.6 from CentOS 5 repository, as an http accelerator
> for wordpress.
>
> I've got it working to a point using a configuration I found elsewhere
> (I'm not very familiar with squid yet, and most docs I've found are not
> relevant to this version).
> It is successfully caching the images as stuff and other static content,
> but I would like it cache some of dynamic pages as well. I've played
> around with the refresh_pattern's a little bit, but didn't have any
> luck. Here is an example from the access log.
>
> ping.php is specifically not cached, but the other one "?p=1" I would
> like to cache.
>
> 1231260321.328 682 192.168.1.20 TCP_MEM_HIT/200 1541 GET
> http://wp.dom.tld/wp-content/themes/default/images/bg_body.gif - NONE/-
> image/gif
> 1231260321.331 3 192.168.1.20 TCP_MEM_HIT/200 8116 GET
> http://wp.dom.tld/wp-content/themes/default/images/wp_blog_head_01.png -
> NONE/- image/g
> 1231260321.332 0 192.168.1.20 TCP_MEM_HIT/200 2033 GET
> http://wp.dom.tld/wp-content/themes/default/images/wp_blog_head_02.png -
> NONE/- image/g
> 1231260321.482 150 192.168.1.20 TCP_MEM_HIT/200 739 GET
> http://wp.dom.tld/wp-content/themes/default/images/icon_rss.gif - NONE/-
> image/gif
> 1231260324.383 2 192.168.1.20 TCP_MISS/200 12 GET
> http://wp.dom.tld/ping.php - FIRST_UP_PARENT/192.168.1.101 text/html
> 1231260326.500 854 192.168.1.20 TCP_MISS/200 3209 GET
> http://wp.dom.tld/?p=1 - FIRST_UP_PARENT/192.168.1.101 text/html
>

What is the output of "wget -O /dev/null -S http://wp.dom.tld/?p=1"?
Refresh patterns only help if expiry information is absent.

> 1231260326.674 27 192.168.1.20 TCP_MEM_HIT/200 11252 GET
> http://wp.dom.tld/wp-content/themes/default/style.css - NONE/- text/css
> 1231260327.406 733 192.168.1.20 TCP_MEM_HIT/200 1541 GET
> http://wp.dom.tld/wp-content/themes/default/images/bg_body.gif - NONE/-
> image/gif
> 1231260327.410 3 192.168.1.20 TCP_MEM_HIT/200 8116 GET
> http://wp.dom.tld/wp-content/themes/default/images/wp_blog_head_01.png -
> NONE/- image/g
> 1231260327.411 0 192.168.1.20 TCP_MEM_HIT/200 2033 GET
> http://wp.dom.tld/wp-content/themes/default/images/wp_blog_head_02.png -
> NONE/- image/g
> 1231260327.417 6 192.168.1.20 TCP_MEM_HIT/200 739 GET
> http://wp.dom.tld/wp-content/themes/default/images/icon_rss.gif - NONE/-
> image/gif
>
>
>
> ############# /etc/squid/squid.conf ##################
> # Basic parameters
> visible_hostname localhost
> # This line indicates the server we will be proxying for
> http_port 80 defaultsite=wordpress.dom.tld
>

This should probably be...

http_port 80 accel defaultsite=wordpress.dom.tld

...to explicitly enable acceleration mode.

> # And the IP Address for it
> cache_peer 10.10.10.10 parent 80 0 no-query originserver
> acl apache rep_header Server ^Apache
> broken_vary_encoding allow apache
> # Where the cache files will be, memory and such
> cache_dir ufs /var/spool/squid 10000 16 256
> cache_mem 256 MB
> maximum_object_size_in_memory 32 KB
> # Log locations and format
> logformat common %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st %Ss:%Sh
> logformat combined %>a %ui %un [%tl] "%rm %ru HTTP/%rv" %Hs %<st
> "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
> access_log /var/log/squid/access.log squid
> cache_log /var/log/squid/cache.log
> cache_store_log /var/log/squid/store.log
> hosts_file /etc/hosts
> # Basic ACLs
> acl all src 0.0.0.0/0.0.0.0
> acl mydomain dstdomain .example.com
> acl manager proto cache_object
> acl localhost src 127.0.0.1/255.255.255.255
> acl to_localhost dst 127.0.0.0/8
> acl Safe_ports port 80
> acl purge method PURGE
> acl CONNECT method CONNECT
> http_access allow manager localhost
> http_access deny manager
> http_access allow purge localhost
> http_access deny purge
> http_access deny !Safe_ports
> http_access allow localhost
> http_access allow all
>

Enabling http_access allow all (even in accelerator mode) is...
inadvisable. Removing it, and setting the mydomain ACL properly is a
much better choice.

> http_access allow mydomain
> http_access deny all
> http_reply_access allow all
> icp_access allow all
> cache_effective_group squid
> coredump_dir /var/spool/squid
> forwarded_for on
> emulate_httpd_log on
> redirect_rewrites_host_header off
> buffered_logs on
>
> refresh_pattern -i ping.php 0 0% 0 override-expire
> refresh_pattern -i .php 0 50% 30
> refresh_pattern -i .js 0 50% 300
> refresh_pattern -i .css 0 50% 300
> refresh_pattern -i .jpg 0 50% 300
> refresh_pattern -i .gif 0 50% 300
> refresh_pattern -i .png 0 50% 300
> refresh_pattern -i .swf 0 50% 300
> refresh_pattern -i .html 0 50% 300
> refresh_pattern -i .shtml 0 50% 300
>
> client_persistent_connections on
> server_persistent_connections on
> pipeline_prefetch on
> strip_query_terms off
>
>

Chris
Received on Tue Jan 06 2009 - 21:00:57 MST

This archive was generated by hypermail 2.2.0 : Wed Jan 07 2009 - 12:00:02 MST