A BIG Adobe Problem
Readers of Stephen Ramsay’s blog may have recently read his post about Adobe. To sum up, one of our clients used over 70GB of data which was defiantly above there normal usage. The reason? Adobe. If you’d like to read more visit Stephen’s blog.
I decided that I would discuss the technical side of how exactly we blocked this from happening. I never realised how simple it actually is to block a website using squid. Firstly I should mention that it is important to get the rules in the EXACT order. I made the mistake of having:
acl bad url_regex -i ‘/etc/squid/squid-block.acl’
acl our_networks src 192.168.100.0/24 127.0.0.1http_access allow our_networks
http_access deny bad
http_access deny all
This of course meant that ‘our_network’ was allowed to access any website (as it comes before on the deny allow list). So to fix this I changed it to:
acl bad url_regex -i ‘/etc/squid/squid-block.acl’
acl our_networks src 192.168.100.0/24 127.0.0.1http_access deny bad
http_access allow our_networks
http_access deny all
This meant that the ‘bad’ list was above the network thus being denied first. But now what? Squid has these settings but no rules. So this is where the file /etc/squid/squid-block.acl comes into play! This file contains the website that you wish to ban. So this file for me contained:
ardownload.adobe.com
And that’s it, the website is blocked! Simple isn’t it.
I’d like to thank freesoftwaremazine.com for the help article.
Another blog coming soon!
Ciao!
