Squid 403's every request as an HTTP proxy

Solution 1:

Without seeing your entire configuration I can only guess as to what the problem might be, but here's a few helpful tips and potential gotchas when working with squid.

ACL's are done in order, so if you have any ACLs before those two that are 'deny' I would check them first.

By default squid logs to /usr/local/squid/var/logs/access.log which can provide helpful hints as too why you might be seeing 403's. You may also want to try to add these lines, these are out of my config for when I need to debug something, they've proven very useful in the past

# <Client IP> <Username> [<Local Time>] "<Request Method> <Request URL> HTTP/<Protocol Version> <Response Status Code> \
# <Sent reply size (with hdrs)> <Referer> <User Agent> <Squid Request Status>:<Squid Hierarchy Status>
logformat combined %>a %un [%tl] "%rm %ru HTTP/%rv" %>Hs %<st "%{Referer}>h" "%{User-Agent}>h" %Ss:%Sh
access_log /var/log/squid/squid.log squid
access_log /var/log/squid/access.log combined

Those first two lines are a comment describing the format of the combined log. Make sure that /var/log/squid exists and that it's writable by whatever user your squid instance runs as.

If you use those lines, general squid errors will be redirected to /var/log/squid/squid.log and every request/response from clients to squid will be logged in /var/log/squid/access.log. If you have a lot of users using your proxy be careful turning that second access_log line on as it will generate HUGE logs.

Hope this helps :)