Listing 6 Control access

acl my_networks src 192.168.0.0/24
acl my_baseurl url_regex -i ^http://www.mywebserver.xxx
acl out_urls urlpath_regex ^open_to_all


http_access deny !my_baseurl
    #-->This is useful, as this will not allow URL such as
    # http://1.2.3.4 which is real IP address of your web 
    # server(actually squid's IP address through DNS).  -i option
    # for case insensitive. This makes sure that browser will always
    # access your webserver by defining its fully qualified domain name.
http_access allow my_networks
    #-->Allow all access (anything after base URL) from my internal network.
http_access allow !my_networks out_urls
    #-->Allow only specified URL path for outsider.
http_access deny all
     #This is important as to deny any unknown requests other than above.