This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering: Caching always enabled?!

It seems to me that web caching is getting auto-enabled when web filtering is on, despite the fact that I don't have the feature enabled in the GUI.

We do a lot of web development work with external clients, and this often involves migration to new hosting facilities and, consequently, DNS changes to re-point domain names to the new IP addresses. Once a site migration/upgrade has been carried out, and DNS has been updated, we will clear the DNS caches at various levels so that we can view the change--rather than wait for the various cached records to reach their TTL.

DNS resolution in our network: Our local machines are pointed at the domain controllers, which are pointed at the UTM, which points to a DNS group composed of OpenDNS servers. In other words, we use best practices as outlined elsewhere in this forum.

The problem is this: It happens that even after DNS caches are flushed on local PC, DCs, and the UTM, and pings to the web domain name show the updated/correct IP address, the old website still shows up in the browser.

My first thought was that the browser must be caching the old site. But no, even when the browser cache is cleared, browser is restarted, a different browser is used, or a different PC is used, the old site still shows. But, if I then go into the UTM Webadmin and disable Web Filtering, the correct website will show in the browser.

Thoughts, anyone? Am I missing something, or have I discovered a (very glaring) bug?

This thread was automatically locked due to age.

0 MatthewArciniega1 over 8 years ago

I just verified the issue again. I'm opening a support issue on this.

-----------------------
SG210/UTM 9.407-3
Cancel
Vote Up 0 Vote Down

Cancel
0 MatthewArciniega1 over 8 years ago

I am beginning to think this was either just a fluke that corrected itself after a few times enabling/disabling the web filter, or just a diagnostic error on my part. We haven't had a repeat of this issue for some days now.

-----------------------
SG210/UTM 9.407-3
Cancel
Vote Up 0 Vote Down

Cancel
0 sachingurung over 8 years ago

Hi Matthew,

Go to Web Protection> Filter Option> Misc> Web Caching. Clear cache and uncheck the "enable caching" option.

Web Caching works in very limited scenarios and is actually fairly complicated.

Caching depends three things (well actually a lot more) -
1) the server says the page is allowed to be cached
2) the browser requests a cached version
3) and the browser is not doing any caching on its own

Most single-user scenarios that the browser and server allow caching, the browser does the caching for you so the proxy's cache never comes into play.

Here is a test:

Create a bookmark for www.example.com.

Use the bookmark to load the page.

Use the bookmark to load the page again.

Note that in the proxy log there is no second request because it was cached by the browser.

Now hit F5 to reload www.example.com.

Note that in the proxy log there is now another request but it was not from cache. The status code is 304. In this the browser said "GET this page, by the way I have cached version x" and the website replied 304 Not Modified with no content saying the browser cache was good. The proxy does not interfere.

Now clear the browser cache (you can use Control-Shift-Delete).

Use the bookmark to load the page.

You should see the request in the log and it should come from the cache.

Thanks

Sachin Gurung
Team Lead | Sophos Technical Support
Knowledge Base | @SophosSupport | Video tutorials
Remember to like a post. If a post (on a question thread) solves your question use the 'This helped me' link.
Cancel
Vote Up 0 Vote Down

Cancel